
Log analysis and evaluation: Antivirus program can no longer be installed

Windows 7 If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.02.2016, 19:51   #1
Kanso
 
Good evening,

this morning my computer switched itself off without warning. After that, my antivirus program (I use Norton Security) could no longer be opened, or rather I could no longer log in. So I contacted Norton support. There, a staff member gained access to my desktop to solve the problem. After several attempts to reinstall the program, an error message kept appearing saying that my PC may be infected and that a reinstallation is therefore not possible. A technician from Norton wants to get back to me tomorrow. But maybe the problem can somehow be solved by you; by now I also fear that my PC has caught something, even though I otherwise don't really have any other problems. Thanks in advance for the help.

Regards, Kanso

26.02.2016, 06:46   #2
Larusso
/// Selecta Jahrusso
 
http://www.trojaner-board.de/69886-a...-beachten.html

26.02.2016, 08:47   #3
Kanso
 
All right, here are the log files.

FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
durchgeführt von Admin (Administrator) auf ADMIN-PC (26-02-2016 09:37:05)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-02-28]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38fa8d64-1429-4eb3-94d0-479866b2cb77}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-988284940-210793992-766847566-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2015-06-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-10] ()
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\searchplugins\safesearch.xml [2015-06-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-30] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2016-02-25] (Symantec Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-06-19] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                           )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
R4 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-09-23] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 condrv; System32\drivers\condrv.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-26 09:37 - 2016-02-26 09:37 - 00015621 _____ C:\Users\Admin\Desktop\FRST.txt
2016-02-26 09:35 - 2016-02-26 09:37 - 00000000 ____D C:\FRST
2016-02-26 09:34 - 2016-02-26 09:34 - 02371072 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-02-26 05:36 - 2016-02-26 05:38 - 00000000 ____D C:\Program Files (x86)\Norton Security
2016-02-26 05:36 - 2016-02-26 05:36 - 00001364 _____ C:\Users\Admin\Desktop\Norton-Installationsdateien.lnk
2016-02-26 05:36 - 2016-02-26 05:36 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2016-02-26 05:35 - 2016-02-26 05:36 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(2).exe
2016-02-26 05:30 - 2016-02-26 09:36 - 00362550 _____ C:\WINDOWS\ntbtlog.txt
2016-02-26 05:28 - 2016-02-26 05:28 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (2).exe
2016-02-26 05:12 - 2016-02-26 05:14 - 00412020 _____ C:\WINDOWS\Minidump\022616-17640-01.dmp
2016-02-25 11:37 - 2016-02-25 11:37 - 00000432 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat
2016-02-25 11:37 - 2016-02-25 11:37 - 00000357 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat
2016-02-25 11:33 - 2016-02-25 11:36 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - 0bfdcd33-f52c-4b3b-a4a7-71770fabb626
2016-02-25 11:28 - 2016-02-26 05:42 - 00000000 ____D C:\ProgramData\Norton
2016-02-25 11:28 - 2016-02-26 05:42 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-02-25 11:28 - 2016-02-26 05:38 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-02-25 11:22 - 2016-02-25 11:23 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(2).exe
2016-02-25 11:17 - 2016-02-25 11:17 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (10).lnk
2016-02-25 11:15 - 2016-02-25 11:15 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (1).exe
2016-02-25 11:13 - 2016-02-25 11:13 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(1).exe
2016-02-25 11:10 - 2016-02-25 11:10 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (9).lnk
2016-02-25 10:51 - 2016-02-25 10:51 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (8).lnk
2016-02-25 10:48 - 2016-02-25 10:48 - 00000000 __SHD C:\found.000
2016-02-25 10:40 - 2016-02-25 10:40 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (7).lnk
2016-02-25 10:37 - 2016-02-25 10:37 - 00002286 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (6).lnk
2016-02-25 10:29 - 2016-02-25 11:26 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-25 10:29 - 2016-02-25 10:29 - 00002286 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (5).lnk
2016-02-25 10:28 - 2016-02-25 10:28 - 00000000 ____D C:\WINDOWS\pss
2016-02-25 10:17 - 2016-02-25 10:17 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (4).lnk
2016-02-25 10:07 - 2016-02-26 05:31 - 00000000 ____D C:\NPE
2016-02-25 10:07 - 2016-02-25 10:07 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (3).lnk
2016-02-25 10:05 - 2016-02-26 05:33 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2016-02-25 10:05 - 2016-02-25 10:05 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe
2016-02-25 10:02 - 2016-02-25 10:02 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader (1).exe
2016-02-25 09:58 - 2016-02-26 05:21 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CF3C132-6859-4994-8DAC-3B31CD8D194C}
2016-02-25 09:57 - 2016-02-25 09:57 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (2).lnk
2016-02-25 09:54 - 2016-02-25 09:55 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool.exe
2016-02-25 09:48 - 2016-02-25 09:48 - 00000248 _____ C:\rescue.info
2016-02-25 09:46 - 2016-02-25 09:46 - 01857576 _____ (LogMeIn, Inc.) C:\Users\Admin\Downloads\Support-LogMeInRescue.exe
2016-02-25 09:46 - 2016-02-25 09:46 - 00002324 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec.lnk
2016-02-25 09:46 - 2016-02-25 09:46 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Rescue Applet
2016-02-24 21:57 - 2016-02-24 21:57 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\HuniePot
2016-02-24 21:55 - 2016-02-24 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HuniePop [GOG.com]
2016-02-16 00:11 - 2016-02-16 00:11 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-02-16 00:10 - 2016-02-16 00:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-02-16 00:10 - 2016-02-09 06:04 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-02-16 00:09 - 2016-02-09 09:25 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 31119296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17175248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17116936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00383424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00317144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-02-14 10:24 - 2016-02-14 10:26 - 00353028 _____ C:\WINDOWS\Minidump\021416-29546-01.dmp
2016-02-12 06:29 - 2016-02-24 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-09 19:52 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 19:52 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 19:52 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 19:52 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 19:52 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 19:52 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 19:52 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 19:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 19:52 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 19:52 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 19:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 19:52 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 19:52 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 19:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 19:52 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 19:52 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 19:52 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 19:52 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 19:52 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 19:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 19:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 19:52 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 19:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 19:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 19:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 19:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 19:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 19:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 19:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 19:52 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 19:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 19:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 19:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 19:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 19:52 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 19:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 19:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 19:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 19:52 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 19:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 19:52 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 19:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 19:52 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 19:52 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 19:52 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 19:52 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 19:52 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 19:52 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 19:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 19:52 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 19:52 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 19:52 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 19:52 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 19:52 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 19:52 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 19:52 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 19:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 19:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-03 19:18 - 2016-02-03 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2016-02-02 19:33 - 2016-02-02 19:35 - 10026464 _____ C:\Users\Admin\Downloads\Worlds Apart (Sami Zayn)_Megalouis100v4.m4a
2016-01-31 12:53 - 2016-02-08 00:23 - 00000000 ____D C:\Users\Admin\Documents\Broken Sword - Director's Cut
2016-01-31 12:19 - 2016-01-31 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword - Director's Cut [GOG.com]
2016-01-31 01:02 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-31 01:02 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Users\Admin\Documents\League of Legends
2016-01-29 19:03 - 2016-02-25 09:55 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-01-29 18:55 - 2016-01-29 18:55 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(1).exe
2016-01-29 17:44 - 2016-01-29 17:44 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO5d7c.tmp
2016-01-27 19:53 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-27 19:53 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-27 19:53 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-27 19:53 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-27 19:53 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-27 19:53 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-27 19:53 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-27 19:53 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-27 19:53 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-27 19:53 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-27 19:53 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-27 19:53 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-27 19:53 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-27 19:53 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-27 19:53 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-27 19:53 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-27 19:53 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-27 19:53 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-27 19:53 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-27 19:53 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-27 19:53 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-27 19:53 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-27 19:53 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-27 19:53 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-27 19:53 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-27 19:53 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-27 19:53 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-27 19:53 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-27 19:53 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-27 19:53 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-27 19:53 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-27 19:53 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-27 19:53 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-27 19:53 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-27 19:53 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-27 19:53 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-27 19:53 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-27 19:53 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-27 19:53 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-27 19:53 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-27 19:53 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-27 19:53 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-27 19:53 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-27 19:53 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-27 19:53 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-27 19:53 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-27 19:53 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-27 19:53 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-27 19:53 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-27 19:53 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-27 19:53 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-27 19:53 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-27 19:53 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-27 19:53 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-27 19:53 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-27 19:53 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-27 19:53 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-27 19:53 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-27 19:53 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-27 19:53 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-27 19:53 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-27 19:53 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-27 19:53 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-27 19:53 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-27 19:53 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-27 19:53 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-27 19:53 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-27 19:53 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-27 19:53 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-27 19:53 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-27 19:53 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-27 19:53 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-27 19:53 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-27 19:53 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-27 19:53 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-27 19:53 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-27 19:53 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-27 19:53 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-27 19:53 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-27 19:53 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-27 19:53 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-27 19:53 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-27 19:53 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-27 19:53 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-27 19:53 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-27 19:53 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-27 19:53 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-27 19:53 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-27 19:53 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-27 19:53 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-27 19:53 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-27 19:53 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-27 19:53 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-27 19:53 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-27 19:53 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-27 19:53 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-27 19:53 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-27 19:53 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-27 19:53 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-27 19:53 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-27 19:53 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-27 19:53 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-27 19:53 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-26 05:36 - 2015-12-03 04:01 - 02091230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-26 05:36 - 2015-10-30 19:35 - 00889534 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-26 05:36 - 2015-10-30 19:35 - 00197858 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-26 05:36 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-26 05:31 - 2015-12-03 03:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-26 05:30 - 2015-12-03 04:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-26 05:30 - 2015-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-26 05:30 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-26 05:30 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 05:12 - 2015-12-04 19:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-26 05:12 - 2014-03-07 16:29 - 890432205 _____ C:\WINDOWS\MEMORY.DMP
2016-02-25 20:43 - 2014-10-15 18:28 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-02-25 20:39 - 2015-03-05 20:41 - 00000000 ____D C:\GOG Games
2016-02-25 20:39 - 2015-03-05 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-02-25 20:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-25 20:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieUserList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieSiteList
2016-02-25 09:03 - 2015-12-03 04:01 - 00000000 ____D C:\Users\Admin
2016-02-25 08:44 - 2015-08-06 20:56 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-02-24 20:23 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-24 18:56 - 2015-06-01 19:35 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-02-23 19:56 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-22 01:16 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-21 23:27 - 2015-01-27 10:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-21 00:02 - 2014-02-10 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SoftGrid Client
2016-02-20 22:15 - 2014-08-10 22:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-16 00:11 - 2015-12-03 03:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-16 00:11 - 2014-02-26 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-14 10:24 - 2015-01-26 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:35 - 2014-02-10 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-13 20:32 - 2014-02-10 12:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-12 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 19:34 - 2015-08-06 20:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 10:37 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 07:27 - 2015-09-22 23:03 - 12478528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-09 22:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 09:25 - 2015-09-22 23:03 - 19779648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03649576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03231544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-09 06:29 - 2015-12-03 03:57 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-09 06:29 - 2015-12-03 03:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-07 23:20 - 2015-05-20 16:56 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-02-07 20:41 - 2014-04-12 17:17 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-02-06 15:58 - 2015-12-03 03:57 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 12:19 - 2014-08-31 18:56 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-01-31 01:02 - 2015-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 18:55 - 2015-07-25 17:47 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-01-29 17:37 - 2015-12-03 03:57 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-25 11:37 - 2016-02-25 11:37 - 0000432 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat
2016-02-25 11:37 - 2016-02-25 11:37 - 0000357 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat
2015-12-03 03:57 - 2015-12-03 03:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 


LastRegBack: 2016-02-17 09:32

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-26 09:37:59)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-03 03:22:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-988284940-210793992-766847566-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-988284940-210793992-766847566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-988284940-210793992-766847566-503 - Limited - Disabled)
Gast (S-1-5-21-988284940-210793992-766847566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-988284940-210793992-766847566-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version:  - Daedalic Entertainment)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Baldur's Gate -  The Original Saga (German) (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Broken Sword - Director's Cut (HKLM-x32\...\1207658900_is1) (Version: 2.1.0.16 - GOG.com)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Architect Studio 5.0 (HKLM-x32\...\{E42939AE-9660-11E2-9A0D-F04DA23A5C58}) (Version: 5.0.178 - Sony)
Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version:  - SQUARE ENIX)
Geheimakte Tunguska (HKLM-x32\...\{3B416FDA-CB3E-4514-9616-763E5B0D1140}) (Version: 1.03.02 - Deep Silver)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Leisure Suit Larry - Reloaded (HKLM-x32\...\1207659243_is1) (Version: 2.1.0.11 - GOG.com)
Magic Bullet QuickLooks for Movie Studio 64 bit (HKLM-x32\...\InstallShield_{03B2F2B1-247A-4216-997F-2BE0372FFEC9}) (Version: 1.4.3 - Ihr Firmenname)
Magic Bullet QuickLooks for Movie Studio 64 bit (Version: 1.4.3 - Ihr Firmenname) Hidden
MagicYUV Lossless Video Codec version 1.0 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.0 - INNOMAGIC, Ltd.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 7.5.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.5.0 - Moritz Bunkus)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}) (Version: 12.0.896 - Sony)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NewBlue VideoFX for Sony Vegas MSPPS (HKLM\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Papers, Please (HKLM-x32\...\1207659209_is1) (Version: 2.5.0.11 - GOG.com)
PhotoFiltre 7 (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\PhotoFiltre 7) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version:  - Ascaron)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version:  - Firaxis Games)
Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{BC7B099E-4643-11E3-9A41-F04DA23A5C58}) (Version: 10.0.252 - Sony)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Tropico (HKLM-x32\...\Steam App 33520) (Version:  - PopTop Software)
Two Worlds: Epic Edition (HKLM-x32\...\Steam App 1930) (Version:  - Reality Pump Studios)
Unity Web Player (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02A600D9-1622-4911-9725-509354AEEC6E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0D117D4E-EE80-429D-9B8F-D88A92248012} - System32\Tasks\{A7EDC86C-AC88-4B0D-8EBF-801BB3377055} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites"
Task: {0E38147A-4851-42DC-9070-354ABDEA17FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {17C1BB3F-9616-44CB-922F-FF23AE97B1C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1AC1141E-5152-4088-903E-CA244D117CC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1F12A9F8-7D8D-4065-B944-4AEA70A1E4D3} - System32\Tasks\{F1F9B1E2-1649-459F-8D19-CE3F57076C12} => pcalua.exe -a "C:\Users\Admin\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Admin\Downloads
Task: {27010340-37CF-488A-BE23-11555D46A73B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DB268B3-0211-4F20-A876-262F2EEAD600} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2F4F6831-28EB-427C-968C-08B0E3E853D5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {3B0FA0E6-512C-4CB7-86BF-2CA54168DC9E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-13] (Microsoft Corporation)
Task: {40F43CEE-3685-41BD-BD05-D3E30DDF1876} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4184E456-B813-43F0-9B55-96D23C9CD64C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {41C95DAF-DDF2-405F-A8C4-7C2A140FA0E7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4EBCE7C4-AC84-4EAF-B36A-56BD4FF4205A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A65B13D-C7DD-442B-BC9F-E849177D96B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5B136352-F75E-4BE9-8434-23C71C470FAC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5DC6463A-620C-498C-B8CC-3F26CD93C061} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {6D44F053-69EA-461A-ABFA-2E9FC7A0C0A4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6E01809B-A6A1-48BD-B4CA-115117903BF4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6FC1A9A9-FC4E-40C5-A882-8E0B53ECC4D0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {734D0CE1-F91D-46C2-AEF6-86D2515E6550} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {73907E84-CF68-44D4-BC7D-C426518C8A13} - System32\Tasks\{459661D1-D2F6-419D-ADE9-E7E05FD0DA52} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {75DDAAA5-05CE-48D1-917F-D076DB6B8997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7CD1B924-1215-4D6F-B79B-0807B81C65DD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {927B26A2-EDC4-4E89-A784-2709B910E102} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {975DC5FC-0BF4-4734-A115-4331365C7EC0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9B842312-0CD7-412B-9771-E75313F50259} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A3A38E1E-FA91-4361-A90B-CB608B7FE192} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {ABF95328-BD1A-4C58-AA4C-7D9E44654241} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {ADAA0D57-05AF-4D42-97A2-CA60B486A4FD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {B0297718-FC73-4D55-A112-237A0A2FA275} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BCF1AC20-C954-415B-90EB-09B341F654CA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA3C86F9-5E29-40D8-8035-3E189AC2D6E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DEADD6EE-4754-42BF-96F9-AF94B6F06D4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {E04234EA-61B8-4CE5-B5DF-08E264BCF2FC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E5FA8F18-29CC-41E7-BDEC-EC7888343D95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDACD965-B245-4FD8-8F97-275FB23FECAB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F1A14AE5-8D99-4F21-9EEF-F5C2007E7C6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F855E92F-2699-4DE3-AF41-951E76CED339} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 03:57 - 2016-02-09 06:29 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 20:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 20:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 20:52 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 20:52 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 19:53 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 19:53 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-05 20:15 - 2016-02-05 20:15 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-05 20:15 - 2016-02-05 20:15 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 18:55 - 2015-11-19 18:56 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 22:38 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-01-26 20:44 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-988284940-210793992-766847566-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Wallpaper\the_witcher_3_wild_hunt_wallpaper_3-1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{6E420D0A-379E-4325-997B-5705899CAC39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{B96ABC35-9B8B-4784-A9DB-0C1EA97B9030}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{0F6FC0BD-FCD4-42C7-B4AA-5BC87EE1A220}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{B314AF56-BBF0-45AF-8C29-039C4BD429B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe
FirewallRules: [{256921F5-44A9-4B3A-BD2B-2A570C22DE55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D125E4-42FB-44D2-A0EE-0F02B56DFC57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F971CB50-BA99-4142-B8DF-8B89A8E07B33}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{E7D8D473-00F7-4EE1-9530-60C4A0F4C150}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham City GOTY\Binaries\Win32\BatmanAC.exe
FirewallRules: [{4925243F-FBE6-44B7-A975-BCCB0C180AF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{30FDAB68-6C8E-4A7B-AA22-CCEA454D4F1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\mark_of_the_ninja\bin\game.exe
FirewallRules: [{506017D7-8AC0-4E6C-A834-C122FCF909C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{795906C9-BC9B-49FA-8325-C7C8870C2EF3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{E9A061A9-73B5-482C-997D-862ACF115145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{F4EBEA40-A7D8-43C7-AE9D-778C4CA5D7CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{65C91C97-F856-4271-9C73-C98B7567A801}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{360AEBC8-A0BE-4E94-8A33-AE6EAEC656E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{315E15EB-B4F1-43E8-A4E6-402275B529A5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FF509E52-645D-4365-84AD-FB0C261C9868}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C5998C02-632D-43E9-90CA-60097EF8E86A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{991121E2-9026-4743-B7E5-7A8E55384142}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{86DF2C1A-1739-488B-875A-1AC9DB9C5060}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{6064EF51-4B50-4444-B1A4-EFA61BFF49F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1B15FC00-36FB-4A93-AE32-9647175F8F76}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{DC722C51-C46D-40EC-8668-E362EAE276B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{C3A04E99-322D-46E9-B9BD-703483A7B189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{0F98958F-E861-40DD-BDC6-995B42040165}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{36EB300B-5DA7-4BF0-90A6-F1DE17CD6573}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{49455361-4214-40EC-B265-FC6266F267D5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{3956483D-656F-4265-BDA2-02173B16C080}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedIIGame.exe
FirewallRules: [{D307758E-88ED-41D1-BA4D-784FC8711CA3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{83F8AF97-7FB9-454C-A591-89EB18A99069}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\AssassinsCreedII.exe
FirewallRules: [{711528E3-97F2-4F8A-9EA5-082E57617A17}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{C5046C9C-B48A-4D3C-AE86-93A41B7D5923}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed II\UPlayBrowser.exe
FirewallRules: [{7DB14810-4D82-4530-8D15-AC1FCBB8292F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{D2A93941-11DF-48F6-860B-F94D40812543}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Secret World\ClientPatcher.exe
FirewallRules: [{43838B64-8209-499B-ADF7-50A08698FC1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{04679FA5-74EB-4F69-9CF8-D680702FF885}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [TCP Query User{AA756576-BAC1-4E66-88B8-E0048499E0E2}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [UDP Query User{D89FE854-8AF1-4764-9460-3B065BD66B94}C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{3248C1A6-D190-4F12-8664-CE8FC448256F}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{3C04B63A-6BE8-44F6-9601-3F5512BD4BD5}] => (Block) C:\program files (x86)\steam\steamapps\common\sacred 2 gold\system\s2gs.exe
FirewallRules: [{C5EB114E-20B2-4E5A-A3C0-42DB2A0E0E3B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{B3BEF09D-7E43-474E-B668-25C680E2C25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{E739C62B-55ED-493C-8218-9EA012051BBD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1DDA49CF-21C4-4183-902F-D13104F301A1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2C3D6D71-6A44-4A80-B2A7-219C1420825F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D560325B-8725-48E5-8ABC-2E1FF99FCE98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E48773F8-4DF5-4A58-A166-1B312C9269EF}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{412CA1BF-B6E1-4713-B8FB-7EBC424876D0}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{2D959B1C-9A0A-4CAC-A4FC-75936D9D49F2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{C0F791F9-DF54-4563-8410-219F17F6D25F}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{6CE64287-2232-4D23-AE8C-292D1C5D4F93}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{4E8BD3CA-B72A-4C48-A323-F5A3B2EBF83E}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Revelations\AssassinsCreedRevelations.exe
FirewallRules: [{00AB475C-77DB-4C57-B574-1D524BA5CA20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{9AAD1A10-DA90-478C-9C63-08C7D8B02EC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{090A43EF-2DD9-4261-990A-CAFE332D8E92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{2102550E-749E-41E2-8FEE-B7EBBD08C1CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{4BCFAB4F-2B9D-45DE-B077-F08168D5D67C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [{E42C92D2-79D8-4882-87F6-3B1B1594FDE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Batman Arkham Origins\Online\Binaries\Win32\BatmanOriginsOnline.exe
FirewallRules: [TCP Query User{C1109CDB-71AE-439E-B1C2-50213C8C7A5B}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{83D4C6C7-813C-44E2-B75B-C4BE83A4CB62}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{36973D42-9A1C-4CFE-BF4D-E518212F5373}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{7D9C5840-7C9D-46DF-B0A2-BC21610BF4A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ValveTestApp207490\Rayman Origins.exe
FirewallRules: [{C879E974-3CD9-40F1-9C30-303E9B43905F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C7E055CB-D40D-4E27-B447-69B9B33F8345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{12825260-A3BB-45E7-9C28-A1420FF60F33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{997E46D0-78E6-4A77-8D4F-3A92C07FE6B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{CFB6F006-D750-49A3-BAE0-6BDFB7E2AC9C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6B5F1130-E279-488D-AE55-A2DAE030F088}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CEED23D0-3A11-4786-864D-3081A7F322BE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{DE762189-4EF7-4EC1-A60F-21B017CB8085}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{6D55673B-0FF9-4D59-A9A2-9F7BDF50B34C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{A2B93ADD-9986-4733-9E48-06254363C283}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{9E681173-7A4C-46C3-86A6-A36B1C2B5BA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{05AA5451-BEE9-4D9E-94C0-0B0EC6026DC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{7D4D3518-150E-4447-B19A-4B0748E50D4B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{AF8D2895-5885-495F-9C5B-E3B660A1F778}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [TCP Query User{A544BD62-14C2-4259-AAEF-022952556857}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [UDP Query User{3909E355-B5FB-4A27-9199-194854704AAD}C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\batman arkham asylum goty\binaries\shippingpc-bmgame.exe
FirewallRules: [{545D9B8D-9953-4CB7-8C25-D73B6336E07A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{29E901E5-DBD7-43C3-A1BC-B594CC13EA25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Binaries\Borderlands.exe
FirewallRules: [{3259E222-4518-4F5A-8904-4EE437F4BBFB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{0F2CF57D-DE06-430D-82E2-7174208088DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Alan Wake\AlanWake.exe
FirewallRules: [{1F3813EE-F4C8-49CB-8E88-BD546DB1DA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{6E7F3C96-0F1D-4656-9A5C-740C8216C7D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{C9ACFBFE-A603-4442-A109-BCD1CC90A1DD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{05C428E6-A1B0-451B-B550-113694555C8E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{460DC9FE-CE1D-4C6B-B70E-1703B62E80E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{4E52E920-FB9E-4B2F-85DE-B8FBBB13529B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{286BEAE6-98AE-4193-BA0D-534FE8742A51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{C22367D4-EBB9-418D-B4E8-5F73846A2869}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{BC8E747A-F61E-4EB5-84D4-E88C3716963C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7DC3F700-62CA-4230-B7C6-F13844A6B5B2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BFCBE96B-6F69-480B-8884-A8212FEEAC8A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{9FFD4D7B-09F4-4441-ACF9-B3D8D37FE1B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{871626AC-BD7C-4745-A16B-45EE7A67EB03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{42F54F3E-40B8-4B0B-823A-B3B14CEFC3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe
FirewallRules: [{E97DDFC4-E97B-4704-B17D-FD5020048649}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{52B0886E-3621-49AD-964F-D4A2E707BE12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Torchlight\Torchlight.exe
FirewallRules: [{F41E3239-CD33-4579-B34B-0AAF256F6C55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{D430042B-5DF0-418A-880D-9230DBE275EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{2B96A400-FD44-4DFD-9CFC-D29F6FB58F7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [{D793FCDF-0842-4FBC-90D7-B0973680D2EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metro 2033\metro2033.exe
FirewallRules: [TCP Query User{4BCF5F21-C99A-478A-95FD-4A0869F00131}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [UDP Query User{9E1EF25B-113D-422A-A4F8-11CBCA584F82}C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dark souls prepare to die edition\data\data.exe
FirewallRules: [{3F675CC0-3184-4393-894F-B4B33B351994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{129A599D-446F-40B7-A918-9B2D3D6375EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{20ECE902-9A57-4F70-8E04-4C88E2419E05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{2D848495-1A91-4179-8CBB-3866ED0E0C34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Last Remnant\Binaries\TLR.exe
FirewallRules: [{BA367573-7B8F-4777-8AB5-864A549D3CFB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{CF00F149-60EB-48EB-92C5-AF5CB3E8B370}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{02A409DB-0A4D-415A-B68D-E2C8AD421B30}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{7A43CD6B-4116-4279-9B1A-29C245724E88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{B063BE0A-60F7-4EE4-9FA6-88A2EFB1FBE4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{3B571F71-ACD4-4B5A-9DB1-75CFA55B3D21}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{3620AD47-E894-47F8-84C8-CB1D91B3110C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{7423B0B5-233A-473C-BB3C-A4032B7EA0BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{1505A911-84EC-4CAE-AE32-E71696A44070}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE
FirewallRules: [{E32F9C77-6C08-45FD-A02D-B36226C008B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tropico\Tropico.EXE
FirewallRules: [{F581802C-2D95-4E59-B72E-6FFD315D8182}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF63116B-20B3-4892-A712-102390ED402D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C6692EF-51C0-4623-8C57-40EBA18FDEF4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{49A3271C-BB1D-43DD-9654-075D79195F0E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sacred 2 Gold\system\sacred2.exe
FirewallRules: [{DCBC8CE9-D293-4FA1-879B-270196EED1A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{9A9181C1-7313-4E03-936A-64B3E573D028}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{D14185D7-9F38-4C57-965F-43D51E98A39D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{863A7EB5-4496-4987-BF95-C22A2FA2AC22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{43CF3CA2-59D2-450E-B920-4FC4ABD57704}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{2E4E2EBA-A40A-4895-80FD-F0DE745402A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{CA846C69-619B-40C8-8594-E8FDF54622DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{AC494E79-2D9F-423D-847E-3000CCD76907}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{8BFD8407-04E7-4FA9-9E1F-150B376B9783}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F58ADA5A-4C45-4891-9DD3-8254D2E612CF}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6ACFA7C6-CB3F-4F28-BC50-AAD2F0E06B3F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{58515D64-FDE2-448A-9448-2FEA27E88E4C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{876C7FEA-0DEE-4871-BFAB-053A02AED9AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{BB4BF462-7275-4801-8131-484F5D2EA2C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Wolf Among Us\TheWolfAmongUs.exe
FirewallRules: [{523A1B31-06BB-4D69-B1DE-10F60E4F3610}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A153552B-49D1-4361-A137-0D94D18D37B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D43680B8-0ACE-4C04-80C7-D8D967C754EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B196BF22-7291-48F4-AC03-1DE595A40997}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4FA950EC-A651-4B05-B178-761195FED113}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B94E9B0F-047D-4BF0-9928-0BE7465C6A86}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{4C463636-3D0B-489D-8D47-B867BB940BCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [TCP Query User{2785A175-2DF4-40EA-91A6-769AEBF450A8}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [UDP Query User{15F167CC-DEE4-46D4-B376-1BBC8B6631B2}C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\admin\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{C648A936-27DA-4F97-9B13-FAF1A85070B9}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe
FirewallRules: [{330A2776-D04B-4D5E-BA65-F84A7657D6E1}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSA08E.tmp\SymNRT.exe
FirewallRules: [{1C6D9EA5-3BB6-4857-B833-2082CC9F4CDB}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe
FirewallRules: [{AF593FDA-A8A7-4C9A-ABD1-92EC5903C4AF}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSC64F.tmp\SymNRT.exe
FirewallRules: [{8975AD88-F6EA-4954-9D0A-276E0BE02EB6}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe
FirewallRules: [{03D5B382-45AA-448A-B5EF-8C2C4A54030F}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zSACAD.tmp\SymNRT.exe

==================== Wiederherstellungspunkte =========================

22-02-2016 10:43:20 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/26/2016 05:40:58 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/26/2016 05:23:25 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 08:43:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: Cortana.BackgroundTask.dll, Version: 0.0.0.0, Zeitstempel: 0x5699d0c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000046a65
ID des fehlerhaften Prozesses: 0x1ba8
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (02/25/2016 08:41:10 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 11:44:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/25/2016 11:40:52 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 11:27:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/25/2016 11:01:27 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 10:42:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4
Name des fehlerhaften Moduls: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4
Ausnahmecode: 0xe0464645
Fehleroffset: 0x000000000000a6d6
ID des fehlerhaften Prozesses: 0x1680
Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0
Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1
Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2
Berichtskennung: NetworkUXBroker.exe3
Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5

Error: (02/25/2016 10:41:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4
Name des fehlerhaften Moduls: NetworkUXBroker.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7f4
Ausnahmecode: 0xe0464645
Fehleroffset: 0x000000000000a6d6
ID des fehlerhaften Prozesses: 0x1680
Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0
Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1
Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2
Berichtskennung: NetworkUXBroker.exe3
Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5


Systemfehler:
=============
Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 09:33:44 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:58:51 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:42:16 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/26/2016 05:42:16 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16262.64 MB
Verfügbarer physikalischer RAM: 13587.74 MB
Summe virtueller Speicher: 32646.64 MB
Verfügbarer virtueller Speicher: 29495.8 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.48 GB) (Free:1008.25 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 462E0839)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

27.02.2016, 09:50   #4
Larusso
/// Selecta Jahrusso
 

Hi.

I don't see any real malware there right now, but there are a few things I'd like to check more closely.
Norton should no longer be in the list of software that can be uninstalled, and it can no longer be found in Windows management either. So it should actually be uninstalled, but it has left behind rather a lot of startup entries.
There's a reason we call it the yellow plague.
Did the technician download and run the uninstaller tool 10 times?

Please boot the computer into safe mode. Run the removal tool again there.
Then boot into normal mode.

Either way, tell me whether it ran.


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.



Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)

__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

27.02.2016, 11:11   #5
Kanso
 

Hello,

I didn't get the impression that the Norton employee knew what he was doing. In any case, he tried to reinstall Norton quite a few times, without much success. So, I ran the uninstall tool in safe mode. It also ran through without errors so far.

Here is the Fixlog:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-27 11:51:12) Run:1
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk
*****************


=========== "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk" ==========

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (10).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (2).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (3).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (4).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (5).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (6).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (7).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (8).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec (9).lnk => erfolgreich verschoben
C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec.lnk => erfolgreich verschoben

========= Ende -> "C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Symantec*.lnk" ========


==== Ende von Fixlog 11:51:12 ====
         
Thank God, no rootkits were found. Here is the report:

Code:
11:53:57.0145 0x1b3c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
11:54:01.0410 0x1b3c  ============================================================
11:54:01.0410 0x1b3c  Current date / time: 2016/02/27 11:54:01.0410
11:54:01.0410 0x1b3c  SystemInfo:
11:54:01.0410 0x1b3c  
11:54:01.0411 0x1b3c  OS Version: 10.0.10586 ServicePack: 0.0
11:54:01.0411 0x1b3c  Product type: Workstation
11:54:01.0411 0x1b3c  ComputerName: ADMIN-PC
11:54:01.0411 0x1b3c  UserName: Admin
11:54:01.0411 0x1b3c  Windows directory: C:\WINDOWS
11:54:01.0411 0x1b3c  System windows directory: C:\WINDOWS
11:54:01.0411 0x1b3c  Running under WOW64
11:54:01.0411 0x1b3c  Processor architecture: Intel x64
11:54:01.0411 0x1b3c  Number of processors: 4
11:54:01.0411 0x1b3c  Page size: 0x1000
11:54:01.0411 0x1b3c  Boot type: Normal boot
11:54:01.0411 0x1b3c  ============================================================
11:54:01.0877 0x1b3c  KLMD registered as C:\WINDOWS\system32\drivers\83047933.sys
11:54:02.0633 0x1b3c  System UUID: {FA7F67B2-09A3-7EBB-44B6-5ABA34BB06AF}
11:54:03.0205 0x1b3c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:54:03.0543 0x1b3c  ============================================================
11:54:03.0543 0x1b3c  \Device\Harddisk0\DR0:
11:54:03.0565 0x1b3c  MBR partitions:
11:54:03.0565 0x1b3c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:54:03.0565 0x1b3c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8CF4000
11:54:03.0565 0x1b3c  ============================================================
11:54:03.0637 0x1b3c  C: <-> \Device\Harddisk0\DR0\Partition2
11:54:03.0637 0x1b3c  ============================================================
11:54:03.0637 0x1b3c  Initialize success
11:54:03.0637 0x1b3c  ============================================================
11:55:27.0270 0x09d8  ============================================================
11:55:27.0270 0x09d8  Scan started
11:55:27.0270 0x09d8  Mode: Manual; SigCheck; TDLFS; 
11:55:27.0270 0x09d8  ============================================================
11:55:27.0270 0x09d8  KSN ping started
11:55:29.0613 0x09d8  KSN ping finished: true
11:55:31.0348 0x09d8  ================ Scan system memory ========================
11:55:31.0348 0x09d8  System memory - ok
11:55:31.0348 0x09d8  ================ Scan services =============================
11:55:31.0473 0x09d8  1394ohci - ok
11:55:31.0488 0x09d8  3ware - ok
11:55:31.0488 0x09d8  ACPI - ok
11:55:31.0504 0x09d8  acpiex - ok
11:55:31.0504 0x09d8  acpipagr - ok
11:55:31.0520 0x09d8  AcpiPmi - ok
11:55:31.0520 0x09d8  acpitime - ok
11:55:31.0535 0x09d8  ADP80XX - ok
11:55:31.0551 0x09d8  AFD - ok
11:55:31.0551 0x09d8  agp440 - ok
11:55:31.0551 0x09d8  ahcache - ok
11:55:31.0551 0x09d8  AJRouter - ok
11:55:31.0567 0x09d8  ALG - ok
11:55:31.0567 0x09d8  AmdK8 - ok
11:55:31.0567 0x09d8  AmdPPM - ok
11:55:31.0582 0x09d8  amdsata - ok
11:55:31.0582 0x09d8  amdsbs - ok
11:55:31.0582 0x09d8  amdxata - ok
11:55:31.0629 0x09d8  AppHostSvc - ok
11:55:31.0645 0x09d8  AppID - ok
11:55:31.0645 0x09d8  AppIDSvc - ok
11:55:31.0660 0x09d8  Appinfo - ok
11:55:31.0660 0x09d8  AppMgmt - ok
11:55:31.0676 0x09d8  AppReadiness - ok
11:55:31.0676 0x09d8  AppXSvc - ok
11:55:31.0692 0x09d8  arcsas - ok
11:55:31.0738 0x09d8  aspnet_state - ok
11:55:31.0738 0x09d8  AsyncMac - ok
11:55:31.0754 0x09d8  atapi - ok
11:55:31.0770 0x09d8  AudioEndpointBuilder - ok
11:55:31.0770 0x09d8  Audiosrv - ok
11:55:31.0770 0x09d8  AxInstSV - ok
11:55:31.0785 0x09d8  b06bdrv - ok
11:55:31.0801 0x09d8  BasicDisplay - ok
11:55:31.0817 0x09d8  BasicRender - ok
11:55:31.0817 0x09d8  bcmfn - ok
11:55:31.0817 0x09d8  bcmfn2 - ok
11:55:31.0817 0x09d8  BDESVC - ok
11:55:31.0832 0x09d8  Beep - ok
11:55:31.0832 0x09d8  BFE - ok
11:55:31.0879 0x09d8  BITS - ok
11:55:31.0910 0x09d8  bowser - ok
11:55:31.0910 0x09d8  BrokerInfrastructure - ok
11:55:31.0910 0x09d8  Browser - ok
11:55:32.0051 0x09d8  [ 910B5BF2353D5D982D2F6B8F6454A00A, E27A0E9EDF50A935E83F4D5BD86C9B9B297F1B8193AFB7C28313B28B5A4B27A5 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
11:55:32.0129 0x09d8  BstHdAndroidSvc - ok
11:55:32.0145 0x09d8  [ 6A4D927BDEE8D9944FAA0012AF7AD232, F0B8642FB02628899CCE526A59A18E0A89456AA2385E82CD97B25CFC64C0E92E ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
11:55:32.0192 0x09d8  BstHdDrv - ok
11:55:32.0223 0x09d8  [ 95B960980034877821E7FB5BFE25136E, 64EA26E9E94767C9EBEEF26FEEAA3176BB7787785F5F20CB8BBB4C75F45AAAA1 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
11:55:32.0395 0x09d8  BstHdLogRotatorSvc - ok
11:55:32.0457 0x09d8  [ 5EBFF8D302047F4709F3A4F1231236E9, 84010BB25C4C029C03C98853E8AC75F103D1F34922B0643ECD758CE21E7DE4A6 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
11:55:32.0504 0x09d8  BstHdUpdaterSvc - ok
11:55:32.0535 0x09d8  BthAvrcpTg - ok
11:55:32.0551 0x09d8  BthHFEnum - ok
11:55:32.0551 0x09d8  bthhfhid - ok
11:55:32.0567 0x09d8  BthHFSrv - ok
11:55:32.0567 0x09d8  BTHMODEM - ok
11:55:32.0567 0x09d8  bthserv - ok
11:55:32.0582 0x09d8  buttonconverter - ok
11:55:32.0598 0x09d8  CapImg - ok
11:55:32.0598 0x09d8  cdfs - ok
11:55:32.0598 0x09d8  CDPSvc - ok
11:55:32.0613 0x09d8  cdrom - ok
11:55:32.0613 0x09d8  CertPropSvc - ok
11:55:32.0613 0x09d8  circlass - ok
11:55:32.0613 0x09d8  CLFS - ok
11:55:32.0629 0x09d8  ClipSVC - ok
11:55:32.0629 0x09d8  CmBatt - ok
11:55:32.0645 0x09d8  CNG - ok
11:55:32.0645 0x09d8  cnghwassist - ok
11:55:32.0692 0x09d8  CompositeBus - ok
11:55:32.0692 0x09d8  COMSysApp - ok
11:55:32.0692 0x09d8  condrv - ok
11:55:32.0692 0x09d8  CoreMessagingRegistrar - ok
11:55:32.0754 0x09d8  [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:55:32.0988 0x09d8  cphs - ok
11:55:33.0004 0x09d8  CryptSvc - ok
11:55:33.0020 0x09d8  CSC - ok
11:55:33.0020 0x09d8  CscService - ok
11:55:33.0160 0x09d8  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
11:55:33.0192 0x09d8  cvhsvc - ok
11:55:33.0192 0x09d8  dam - ok
11:55:33.0192 0x09d8  DcomLaunch - ok
11:55:33.0192 0x09d8  DcpSvc - ok
11:55:33.0207 0x09d8  defragsvc - ok
11:55:33.0207 0x09d8  DeviceAssociationService - ok
11:55:33.0223 0x09d8  DeviceInstall - ok
11:55:33.0223 0x09d8  DevQueryBroker - ok
11:55:33.0238 0x09d8  Dfsc - ok
11:55:33.0238 0x09d8  Dhcp - ok
11:55:33.0301 0x09d8  diagnosticshub.standardcollector.service - ok
11:55:33.0301 0x09d8  DiagTrack - ok
11:55:33.0317 0x09d8  disk - ok
11:55:33.0332 0x09d8  DmEnrollmentSvc - ok
11:55:33.0332 0x09d8  dmvsc - ok
11:55:33.0332 0x09d8  dmwappushservice - ok
11:55:33.0332 0x09d8  Dnscache - ok
11:55:33.0348 0x09d8  dot3svc - ok
11:55:33.0348 0x09d8  DPS - ok
11:55:33.0395 0x09d8  drmkaud - ok
11:55:33.0395 0x09d8  DsmSvc - ok
11:55:33.0410 0x09d8  DsSvc - ok
11:55:33.0442 0x09d8  DXGKrnl - ok
11:55:33.0442 0x09d8  Eaphost - ok
11:55:33.0442 0x09d8  ebdrv - ok
11:55:33.0457 0x09d8  EFS - ok
11:55:33.0457 0x09d8  EhStorClass - ok
11:55:33.0473 0x09d8  EhStorTcgDrv - ok
11:55:33.0488 0x09d8  embeddedmode - ok
11:55:33.0488 0x09d8  EntAppSvc - ok
11:55:33.0488 0x09d8  ErrDev - ok
11:55:33.0520 0x09d8  EventSystem - ok
11:55:33.0520 0x09d8  exfat - ok
11:55:33.0520 0x09d8  fastfat - ok
11:55:33.0520 0x09d8  Fax - ok
11:55:33.0520 0x09d8  fdc - ok
11:55:33.0535 0x09d8  fdPHost - ok
11:55:33.0535 0x09d8  FDResPub - ok
11:55:33.0535 0x09d8  fhsvc - ok
11:55:33.0567 0x09d8  FileCrypt - ok
11:55:33.0567 0x09d8  FileInfo - ok
11:55:33.0567 0x09d8  Filetrace - ok
11:55:33.0567 0x09d8  flpydisk - ok
11:55:33.0582 0x09d8  FltMgr - ok
11:55:33.0598 0x09d8  FontCache - ok
11:55:33.0692 0x09d8  FontCache3.0.0.0 - ok
11:55:33.0707 0x09d8  FsDepends - ok
11:55:33.0707 0x09d8  Fs_Rec - ok
11:55:33.0723 0x09d8  fvevol - ok
11:55:33.0723 0x09d8  gagp30kx - ok
11:55:33.0848 0x09d8  [ 6D18B1088696CF96CBEBD31B8A519BD4, 4B47EECD18C12749FBEFA9C20B466F1A501F238166BBAE5B1793C918305A3348 ] GalaxyClientService C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe
11:55:33.0942 0x09d8  GalaxyClientService - ok
11:55:34.0207 0x09d8  [ C6B53600271EA23A03D5C23316407013, A2B672134EC6415D689F5F1BDF0500B876CB3BA2BA022E4C7FF4C15215AF7BC2 ] GalaxyCommunication C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
11:55:34.0629 0x09d8  GalaxyCommunication - ok
11:55:34.0660 0x09d8  gencounter - ok
11:55:34.0676 0x09d8  genericusbfn - ok
11:55:34.0848 0x09d8  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:55:34.0895 0x09d8  GfExperienceService - ok
11:55:34.0895 0x09d8  GPIOClx0101 - ok
11:55:34.0926 0x09d8  gpsvc - ok
11:55:34.0926 0x09d8  GpuEnergyDrv - ok
11:55:34.0926 0x09d8  HDAudBus - ok
11:55:34.0926 0x09d8  HidBatt - ok
11:55:34.0926 0x09d8  HidBth - ok
11:55:34.0926 0x09d8  hidi2c - ok
11:55:34.0942 0x09d8  hidinterrupt - ok
11:55:34.0942 0x09d8  HidIr - ok
11:55:34.0942 0x09d8  hidserv - ok
11:55:34.0942 0x09d8  HidUsb - ok
11:55:34.0957 0x09d8  HomeGroupListener - ok
11:55:34.0957 0x09d8  HomeGroupProvider - ok
11:55:34.0957 0x09d8  HpSAMD - ok
11:55:34.0988 0x09d8  HTTP - ok
11:55:34.0988 0x09d8  hwpolicy - ok
11:55:34.0988 0x09d8  hyperkbd - ok
11:55:35.0004 0x09d8  i8042prt - ok
11:55:35.0004 0x09d8  iai2c - ok
11:55:35.0004 0x09d8  iaLPSS2i_I2C - ok
11:55:35.0004 0x09d8  iaLPSSi_GPIO - ok
11:55:35.0004 0x09d8  iaLPSSi_I2C - ok
11:55:35.0082 0x09d8  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
11:55:35.0098 0x09d8  iaStorA - ok
11:55:35.0098 0x09d8  iaStorAV - ok
11:55:35.0160 0x09d8  [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
11:55:35.0223 0x09d8  IAStorDataMgrSvc - ok
11:55:35.0223 0x09d8  iaStorV - ok
11:55:35.0223 0x09d8  ibbus - ok
11:55:35.0238 0x09d8  icssvc - ok
11:55:35.0301 0x09d8  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
11:55:35.0379 0x09d8  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
11:55:37.0723 0x09d8  Detect skipped due to KSN trusted
11:55:37.0723 0x09d8  IDriverT - ok
11:55:37.0723 0x09d8  IEEtwCollectorService - ok
11:55:37.0942 0x09d8  [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:55:38.0270 0x09d8  igfx - ok
11:55:38.0301 0x09d8  [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:55:38.0348 0x09d8  igfxCUIService2.0.0.0 - ok
11:55:38.0364 0x09d8  IKEEXT - ok
11:55:38.0504 0x09d8  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:55:38.0598 0x09d8  IntcAzAudAddService - ok
11:55:38.0613 0x09d8  [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:55:38.0645 0x09d8  IntcDAud - ok
11:55:38.0676 0x09d8  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
11:55:39.0176 0x09d8  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
11:55:40.0489 0x17c8  Object required for P2P: [ C6B53600271EA23A03D5C23316407013 ] GalaxyCommunication
11:55:41.0520 0x09d8  Detect skipped due to KSN trusted
11:55:41.0520 0x09d8  Intel(R) Capability Licensing Service Interface - ok
11:55:41.0582 0x09d8  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:55:42.0207 0x09d8  Intel(R) Capability Licensing Service TCP IP Interface - ok
11:55:42.0207 0x09d8  intelide - ok
11:55:42.0223 0x09d8  intelpep - ok
11:55:42.0223 0x09d8  intelppm - ok
11:55:42.0223 0x09d8  IoQos - ok
11:55:42.0239 0x09d8  IpFilterDriver - ok
11:55:42.0239 0x09d8  iphlpsvc - ok
11:55:42.0270 0x09d8  IPMIDRV - ok
11:55:42.0270 0x09d8  IPNAT - ok
11:55:42.0270 0x09d8  IRENUM - ok
11:55:42.0270 0x09d8  isapnp - ok
11:55:42.0270 0x09d8  iScsiPrt - ok
11:55:42.0332 0x09d8  [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:55:42.0410 0x09d8  jhi_service - ok
11:55:42.0426 0x09d8  kbdclass - ok
11:55:42.0426 0x09d8  kbdhid - ok
11:55:42.0426 0x09d8  kdnic - ok
11:55:42.0426 0x09d8  KeyIso - ok
11:55:42.0426 0x09d8  KSecDD - ok
11:55:42.0457 0x09d8  KSecPkg - ok
11:55:42.0457 0x09d8  ksthunk - ok
11:55:42.0473 0x09d8  KtmRm - ok
11:55:42.0473 0x09d8  LanmanServer - ok
11:55:42.0489 0x09d8  LanmanWorkstation - ok
11:55:42.0489 0x09d8  lfsvc - ok
11:55:42.0489 0x09d8  LicenseManager - ok
11:55:42.0535 0x09d8  [ 8E4CA9AFD55EF6B509C80A8715ABF8C6, 45698605D17285D346D2052607AEF492EBD89E9625367C31584C7C84757EEFE0 ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
11:55:42.0754 0x09d8  lirsgt - ok
11:55:42.0754 0x09d8  lltdio - ok
11:55:42.0754 0x09d8  lltdsvc - ok
11:55:42.0770 0x09d8  lmhosts - ok
11:55:42.0817 0x09d8  [ 02A9CBACE666877BBBA4FD66B22F6D4A, 0E783BA7A8F00CEC8F03CFEE03999CA5DB9E4DB7CCE62D9171CFCF36AFBE4BB1 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:55:42.0832 0x09d8  LMS - ok
11:55:42.0832 0x09d8  LSI_SAS - ok
11:55:42.0864 0x09d8  LSI_SAS2i - ok
11:55:42.0864 0x09d8  LSI_SAS3i - ok
11:55:42.0864 0x09d8  LSI_SSS - ok
11:55:42.0864 0x09d8  LSM - ok
11:55:42.0879 0x09d8  luafv - ok
11:55:42.0895 0x09d8  MapsBroker - ok
11:55:42.0957 0x17c8  Object send P2P result: true
11:55:42.0957 0x09d8  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
11:55:42.0973 0x09d8  MBAMProtector - ok
11:55:43.0067 0x09d8  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
11:55:43.0098 0x09d8  MBAMScheduler - ok
11:55:43.0129 0x09d8  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:55:43.0145 0x09d8  MBAMService - ok
11:55:43.0176 0x09d8  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
11:55:43.0176 0x09d8  MBAMWebAccessControl - ok
11:55:43.0176 0x09d8  megasas - ok
11:55:43.0176 0x09d8  megasr - ok
11:55:43.0223 0x09d8  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
11:55:43.0239 0x09d8  MEIx64 - ok
11:55:43.0270 0x09d8  MessagingService - ok
11:55:43.0332 0x09d8  mlx4_bus - ok
11:55:43.0332 0x09d8  MMCSS - ok
11:55:43.0332 0x09d8  Modem - ok
11:55:43.0348 0x09d8  monitor - ok
11:55:43.0348 0x09d8  mouclass - ok
11:55:43.0348 0x09d8  mouhid - ok
11:55:43.0348 0x09d8  mountmgr - ok
11:55:43.0395 0x09d8  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:55:43.0489 0x09d8  MozillaMaintenance - ok
11:55:43.0489 0x09d8  mpsdrv - ok
11:55:43.0504 0x09d8  MpsSvc - ok
11:55:43.0520 0x09d8  MQAC - ok
11:55:43.0520 0x09d8  MRxDAV - ok
11:55:43.0520 0x09d8  mrxsmb - ok
11:55:43.0551 0x09d8  mrxsmb10 - ok
11:55:43.0567 0x09d8  mrxsmb20 - ok
11:55:43.0567 0x09d8  MsBridge - ok
11:55:43.0598 0x09d8  MSDTC - ok
11:55:43.0614 0x09d8  Msfs - ok
11:55:43.0629 0x09d8  msgpiowin32 - ok
11:55:43.0629 0x09d8  mshidkmdf - ok
11:55:43.0629 0x09d8  mshidumdf - ok
11:55:43.0645 0x09d8  msisadrv - ok
11:55:43.0660 0x09d8  MSiSCSI - ok
11:55:43.0660 0x09d8  msiserver - ok
11:55:43.0660 0x09d8  MSKSSRV - ok
11:55:43.0660 0x09d8  MsLldp - ok
11:55:43.0676 0x09d8  MSMQ - ok
11:55:43.0676 0x09d8  MSPCLOCK - ok
11:55:43.0676 0x09d8  MSPQM - ok
11:55:43.0676 0x09d8  MsRPC - ok
11:55:43.0676 0x09d8  mssmbios - ok
11:55:43.0676 0x09d8  MSTEE - ok
11:55:43.0692 0x09d8  MTConfig - ok
11:55:43.0692 0x09d8  Mup - ok
11:55:43.0692 0x09d8  mvumis - ok
11:55:43.0692 0x09d8  NativeWifiP - ok
11:55:43.0692 0x09d8  NcaSvc - ok
11:55:43.0707 0x09d8  NcbService - ok
11:55:43.0707 0x09d8  NcdAutoSetup - ok
11:55:43.0707 0x09d8  ndfltr - ok
11:55:43.0707 0x09d8  NDIS - ok
11:55:43.0707 0x09d8  NdisCap - ok
11:55:43.0707 0x09d8  NdisImPlatform - ok
11:55:43.0707 0x09d8  NdisTapi - ok
11:55:43.0707 0x09d8  Ndisuio - ok
11:55:43.0723 0x09d8  NdisVirtualBus - ok
11:55:43.0723 0x09d8  NdisWan - ok
11:55:43.0723 0x09d8  ndiswanlegacy - ok
11:55:43.0723 0x09d8  ndproxy - ok
11:55:43.0723 0x09d8  Ndu - ok
11:55:43.0723 0x09d8  NetBIOS - ok
11:55:43.0723 0x09d8  NetBT - ok
11:55:43.0723 0x09d8  Netlogon - ok
11:55:43.0739 0x09d8  Netman - ok
11:55:43.0754 0x09d8  NetMsmqActivator - ok
11:55:43.0754 0x09d8  NetPipeActivator - ok
11:55:43.0770 0x09d8  netprofm - ok
11:55:43.0817 0x09d8  NetSetupSvc - ok
11:55:43.0817 0x09d8  NetTcpActivator - ok
11:55:43.0817 0x09d8  NetTcpPortSharing - ok
11:55:43.0817 0x09d8  NgcCtnrSvc - ok
11:55:43.0817 0x09d8  NgcSvc - ok
11:55:43.0817 0x09d8  NlaSvc - ok
11:55:43.0817 0x09d8  Npfs - ok
11:55:43.0817 0x09d8  npsvctrig - ok
11:55:43.0832 0x09d8  nsi - ok
11:55:43.0832 0x09d8  nsiproxy - ok
11:55:43.0848 0x09d8  NTFS - ok
11:55:43.0848 0x09d8  Null - ok
11:55:43.0895 0x09d8  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
11:55:44.0020 0x09d8  nusb3hub - ok
11:55:44.0051 0x09d8  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
11:55:44.0098 0x09d8  nusb3xhc - ok
11:55:44.0129 0x09d8  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
11:55:44.0145 0x09d8  NVHDA - ok
11:55:44.0379 0x09d8  [ 2D766A9EE4FBE2CE60F595EA4ACBE540, 5AF3B1BD24A170D3C70EBAE79CE42FCBB14FF35CB0850DA9B08A9DC646712A5E ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
11:55:44.0817 0x09d8  nvlddmkm - ok
11:55:44.0973 0x09d8  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:55:45.0348 0x09d8  NvNetworkService - ok
11:55:45.0457 0x09d8  nvraid - ok
11:55:45.0473 0x09d8  nvstor - ok
11:55:45.0520 0x09d8  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:55:45.0551 0x09d8  NvStreamKms - ok
11:55:45.0692 0x09d8  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:55:45.0895 0x09d8  NvStreamNetworkSvc - ok
11:55:46.0020 0x09d8  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:55:46.0160 0x09d8  NvStreamSvc - ok
11:55:46.0270 0x09d8  [ 4F2B65FA16319BBA3A309EC2964920A1, 733D1B203AEC92B523B182438AF61D93388F781682297A48CC7C0FA741C2D21D ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
11:55:46.0395 0x09d8  nvsvc - ok
11:55:46.0426 0x09d8  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
11:55:46.0457 0x09d8  nvvad_WaveExtensible - ok
11:55:46.0457 0x09d8  nv_agp - ok
11:55:46.0473 0x09d8  OneSyncSvc - ok
11:55:46.0551 0x09d8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:55:46.0567 0x09d8  ose - ok
11:55:46.0707 0x09d8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:55:46.0817 0x09d8  osppsvc - ok
11:55:46.0817 0x09d8  p2pimsvc - ok
11:55:46.0817 0x09d8  p2psvc - ok
11:55:46.0817 0x09d8  Parport - ok
11:55:46.0817 0x09d8  partmgr - ok
11:55:46.0832 0x09d8  PcaSvc - ok
11:55:46.0848 0x09d8  pci - ok
11:55:46.0848 0x09d8  pciide - ok
11:55:46.0848 0x09d8  pcmcia - ok
11:55:46.0848 0x09d8  pcw - ok
11:55:46.0864 0x09d8  pdc - ok
11:55:46.0864 0x09d8  PEAUTH - ok
11:55:46.0864 0x09d8  PeerDistSvc - ok
11:55:46.0864 0x09d8  percsas2i - ok
11:55:46.0879 0x09d8  percsas3i - ok
11:55:46.0942 0x09d8  PerfHost - ok
11:55:46.0973 0x09d8  PhoneSvc - ok
11:55:46.0989 0x09d8  PimIndexMaintenanceSvc - ok
11:55:47.0020 0x09d8  pla - ok
11:55:47.0036 0x09d8  PlugPlay - ok
11:55:47.0036 0x09d8  PNRPAutoReg - ok
11:55:47.0036 0x09d8  PNRPsvc - ok
11:55:47.0051 0x09d8  PolicyAgent - ok
11:55:47.0051 0x09d8  Power - ok
11:55:47.0051 0x09d8  PptpMiniport - ok
11:55:47.0239 0x09d8  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:55:47.0473 0x09d8  PrintNotify - ok
11:55:47.0473 0x09d8  Processor - ok
11:55:47.0489 0x09d8  ProfSvc - ok
11:55:47.0504 0x09d8  Psched - ok
11:55:47.0520 0x09d8  QWAVE - ok
11:55:47.0520 0x09d8  QWAVEdrv - ok
11:55:47.0536 0x09d8  RasAcd - ok
11:55:47.0536 0x09d8  RasAgileVpn - ok
11:55:47.0551 0x09d8  RasAuto - ok
11:55:47.0551 0x09d8  Rasl2tp - ok
11:55:47.0551 0x09d8  RasMan - ok
11:55:47.0567 0x09d8  RasPppoe - ok
11:55:47.0567 0x09d8  RasSstp - ok
11:55:47.0567 0x09d8  rdbss - ok
11:55:47.0567 0x09d8  rdpbus - ok
11:55:47.0582 0x09d8  RDPDR - ok
11:55:47.0582 0x09d8  RdpVideoMiniport - ok
11:55:47.0582 0x09d8  rdyboost - ok
11:55:47.0582 0x09d8  ReFSv1 - ok
11:55:47.0614 0x09d8  RemoteAccess - ok
11:55:47.0614 0x09d8  RemoteRegistry - ok
11:55:47.0614 0x09d8  RetailDemo - ok
11:55:47.0614 0x09d8  RpcEptMapper - ok
11:55:47.0629 0x09d8  RpcLocator - ok
11:55:47.0629 0x09d8  RpcSs - ok
11:55:47.0629 0x09d8  rspndr - ok
11:55:47.0629 0x09d8  rt640x64 - ok
11:55:47.0770 0x09d8  [ 844CB9DBE08797A2A875DF9E2AF108D7, 53463064C2F34DB9C5E1484FA370AC00C4A3486713EC80E2323B07150A27DD1F ] RtlWlanu        C:\WINDOWS\System32\drivers\rtwlanu.sys
11:55:47.0926 0x09d8  RtlWlanu - ok
11:55:47.0942 0x09d8  s3cap - ok
11:55:47.0957 0x09d8  SamSs - ok
11:55:47.0957 0x09d8  sbp2port - ok
11:55:47.0957 0x09d8  SCardSvr - ok
11:55:47.0957 0x09d8  ScDeviceEnum - ok
11:55:47.0973 0x09d8  scfilter - ok
11:55:47.0973 0x09d8  Schedule - ok
11:55:47.0973 0x09d8  SCPolicySvc - ok
11:55:47.0973 0x09d8  sdbus - ok
11:55:47.0973 0x09d8  SDRSVC - ok
11:55:47.0989 0x09d8  sdstor - ok
11:55:47.0989 0x09d8  seclogon - ok
11:55:47.0989 0x09d8  SENS - ok
11:55:47.0989 0x09d8  SensorDataService - ok
11:55:47.0989 0x09d8  SensorService - ok
11:55:48.0004 0x09d8  SensrSvc - ok
11:55:48.0004 0x09d8  SerCx - ok
11:55:48.0004 0x09d8  SerCx2 - ok
11:55:48.0004 0x09d8  Serenum - ok
11:55:48.0004 0x09d8  Serial - ok
11:55:48.0004 0x09d8  sermouse - ok
11:55:48.0004 0x09d8  SessionEnv - ok
11:55:48.0020 0x09d8  sfloppy - ok
11:55:48.0051 0x09d8  [ 9242988D74674C2819D454F001457BAD, D353A30D224940B0C7750161782CE98D4C47ABC5C4E04B100F8ABB6A3402B5AD ] Sftfs           C:\WINDOWS\system32\DRIVERS\Sftfswin7.sys
11:55:48.0067 0x09d8  Sftfs - ok
11:55:48.0176 0x09d8  [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:55:48.0192 0x09d8  sftlist - ok
11:55:48.0254 0x09d8  [ 44391FA910901E2B8A2F831340FD707A, 9ACAD655DCCCAF562CEDE9180B187C229FFCAF97BA87D78225253C7868698CB8 ] Sftplay         C:\WINDOWS\system32\DRIVERS\Sftplaywin7.sys
11:55:48.0301 0x09d8  Sftplay - ok
11:55:48.0301 0x09d8  [ 8654DBDC8ED8ED7257618D11B6C590BE, 1A410CCB7CDE99C607662E21054E959D3349647C5BD810CE744DA59EEB9C3FA2 ] Sftredir        C:\WINDOWS\system32\DRIVERS\Sftredirwin7.sys
11:55:48.0317 0x09d8  Sftredir - ok
11:55:48.0332 0x09d8  [ 648F0152A7BAE175905C22E8BD839760, 6E3FC032212FD1F39FEE96D230F47BB25355587E8A73E34776CAEA8C0C1FB58E ] Sftvol          C:\WINDOWS\system32\DRIVERS\Sftvolwin7.sys
11:55:48.0332 0x09d8  Sftvol - ok
11:55:48.0348 0x09d8  [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:55:48.0348 0x09d8  sftvsa - ok
11:55:48.0364 0x09d8  SharedAccess - ok
11:55:48.0395 0x09d8  ShellHWDetection - ok
11:55:48.0395 0x09d8  SiSRaid2 - ok
11:55:48.0411 0x09d8  SiSRaid4 - ok
11:55:48.0411 0x09d8  smphost - ok
11:55:48.0442 0x09d8  SmsRouter - ok
11:55:48.0442 0x09d8  SNMPTRAP - ok
11:55:48.0473 0x09d8  spaceport - ok
11:55:48.0473 0x09d8  SpbCx - ok
11:55:48.0473 0x09d8  Spooler - ok
11:55:48.0473 0x09d8  sppsvc - ok
11:55:48.0473 0x09d8  srv - ok
11:55:48.0489 0x09d8  srv2 - ok
11:55:48.0489 0x09d8  srvnet - ok
11:55:48.0489 0x09d8  SSDPSRV - ok
11:55:48.0489 0x09d8  SstpSvc - ok
11:55:48.0489 0x09d8  StateRepository - ok
11:55:48.0598 0x09d8  [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:55:49.0098 0x09d8  Steam Client Service - ok
11:55:49.0192 0x09d8  [ 5311DAD9879DA242A9EA385EE7DD4F0D, AD7180A9176A9243A430ABA45079C7B256E4E05AFBE6215C662B8337B8760E39 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:55:50.0129 0x09d8  Stereo Service - ok
11:55:50.0129 0x09d8  stexstor - ok
11:55:50.0145 0x09d8  stisvc - ok
11:55:50.0145 0x09d8  storahci - ok
11:55:50.0161 0x09d8  storflt - ok
11:55:50.0161 0x09d8  stornvme - ok
11:55:50.0161 0x09d8  storqosflt - ok
11:55:50.0192 0x09d8  StorSvc - ok
11:55:50.0192 0x09d8  storufs - ok
11:55:50.0192 0x09d8  storvsc - ok
11:55:50.0223 0x09d8  svsvc - ok
11:55:50.0223 0x09d8  swenum - ok
11:55:50.0223 0x09d8  swprv - ok
11:55:50.0239 0x09d8  Synth3dVsc - ok
11:55:50.0254 0x09d8  SysMain - ok
11:55:50.0270 0x09d8  SystemEventsBroker - ok
11:55:50.0270 0x09d8  TabletInputService - ok
11:55:50.0286 0x09d8  TapiSrv - ok
11:55:50.0286 0x09d8  Tcpip - ok
11:55:50.0286 0x09d8  Tcpip6 - ok
11:55:50.0286 0x09d8  tcpipreg - ok
11:55:50.0301 0x09d8  tdx - ok
11:55:50.0301 0x09d8  terminpt - ok
11:55:50.0301 0x09d8  TermService - ok
11:55:50.0317 0x09d8  Themes - ok
11:55:50.0317 0x09d8  TieringEngineService - ok
11:55:50.0317 0x09d8  tiledatamodelsvc - ok
11:55:50.0332 0x09d8  TimeBroker - ok
11:55:50.0332 0x09d8  TPM - ok
11:55:50.0332 0x09d8  TrkWks - ok
11:55:50.0379 0x09d8  TrustedInstaller - ok
11:55:50.0395 0x09d8  tsusbflt - ok
11:55:50.0411 0x09d8  TsUsbGD - ok
11:55:50.0411 0x09d8  tunnel - ok
11:55:50.0426 0x09d8  tzautoupdate - ok
11:55:50.0426 0x09d8  uagp35 - ok
11:55:50.0426 0x09d8  UASPStor - ok
11:55:50.0426 0x09d8  UcmCx0101 - ok
11:55:50.0442 0x09d8  UcmUcsi - ok
11:55:50.0442 0x09d8  Ucx01000 - ok
11:55:50.0442 0x09d8  UdeCx - ok
11:55:50.0442 0x09d8  udfs - ok
11:55:50.0442 0x09d8  UEFI - ok
11:55:50.0457 0x09d8  Ufx01000 - ok
11:55:50.0457 0x09d8  UfxChipidea - ok
11:55:50.0457 0x09d8  ufxsynopsys - ok
11:55:50.0473 0x09d8  UI0Detect - ok
11:55:50.0473 0x09d8  uliagpkx - ok
11:55:50.0473 0x09d8  umbus - ok
11:55:50.0473 0x09d8  UmPass - ok
11:55:50.0473 0x09d8  UmRdpService - ok
11:55:50.0489 0x09d8  UnistoreSvc - ok
11:55:50.0489 0x09d8  upnphost - ok
11:55:50.0489 0x09d8  UrsChipidea - ok
11:55:50.0489 0x09d8  UrsCx01000 - ok
11:55:50.0504 0x09d8  UrsSynopsys - ok
11:55:50.0504 0x09d8  usbaudio - ok
11:55:50.0504 0x09d8  usbccgp - ok
11:55:50.0504 0x09d8  usbcir - ok
11:55:50.0504 0x09d8  usbehci - ok
11:55:50.0504 0x09d8  usbhub - ok
11:55:50.0504 0x09d8  USBHUB3 - ok
11:55:50.0520 0x09d8  usbohci - ok
11:55:50.0520 0x09d8  usbprint - ok
11:55:50.0520 0x09d8  usbser - ok
11:55:50.0520 0x09d8  USBSTOR - ok
11:55:50.0536 0x09d8  usbuhci - ok
11:55:50.0551 0x09d8  USBXHCI - ok
11:55:50.0551 0x09d8  UserDataSvc - ok
11:55:50.0567 0x09d8  UserManager - ok
11:55:50.0567 0x09d8  UsoSvc - ok
11:55:50.0567 0x09d8  VaultSvc - ok
11:55:50.0567 0x09d8  vdrvroot - ok
11:55:50.0567 0x09d8  vds - ok
11:55:50.0567 0x09d8  VerifierExt - ok
11:55:50.0567 0x09d8  vhdmp - ok
11:55:50.0567 0x09d8  vhf - ok
11:55:50.0582 0x09d8  vmbus - ok
11:55:50.0582 0x09d8  VMBusHID - ok
11:55:50.0598 0x09d8  vmicguestinterface - ok
11:55:50.0598 0x09d8  vmicheartbeat - ok
11:55:50.0598 0x09d8  vmickvpexchange - ok
11:55:50.0614 0x09d8  vmicrdv - ok
11:55:50.0614 0x09d8  vmicshutdown - ok
11:55:50.0614 0x09d8  vmictimesync - ok
11:55:50.0614 0x09d8  vmicvmsession - ok
11:55:50.0614 0x09d8  vmicvss - ok
11:55:50.0614 0x09d8  volmgr - ok
11:55:50.0614 0x09d8  volmgrx - ok
11:55:50.0614 0x09d8  volsnap - ok
11:55:50.0629 0x09d8  vpci - ok
11:55:50.0629 0x09d8  vsmraid - ok
11:55:50.0629 0x09d8  VSS - ok
11:55:50.0629 0x09d8  VSTXRAID - ok
11:55:50.0629 0x09d8  vwifibus - ok
11:55:50.0629 0x09d8  vwififlt - ok
11:55:50.0629 0x09d8  vwifimp - ok
11:55:50.0645 0x09d8  W32Time - ok
11:55:50.0676 0x09d8  w3logsvc - ok
11:55:50.0692 0x09d8  W3SVC - ok
11:55:50.0692 0x09d8  WacomPen - ok
11:55:50.0707 0x09d8  WalletService - ok
11:55:50.0707 0x09d8  wanarp - ok
11:55:50.0707 0x09d8  wanarpv6 - ok
11:55:50.0707 0x09d8  WAS - ok
11:55:50.0723 0x09d8  wbengine - ok
11:55:50.0723 0x09d8  WbioSrvc - ok
11:55:50.0739 0x09d8  Wcmsvc - ok
11:55:50.0739 0x09d8  wcncsvc - ok
11:55:50.0739 0x09d8  WcsPlugInService - ok
11:55:50.0739 0x09d8  WdBoot - ok
11:55:50.0739 0x09d8  Wdf01000 - ok
11:55:50.0739 0x09d8  WdFilter - ok
11:55:50.0739 0x09d8  WdiServiceHost - ok
11:55:50.0754 0x09d8  WdiSystemHost - ok
11:55:50.0754 0x09d8  wdiwifi - ok
11:55:50.0754 0x09d8  WdNisDrv - ok
11:55:50.0786 0x09d8  WdNisSvc - ok
11:55:50.0786 0x09d8  WebClient - ok
11:55:50.0801 0x09d8  Wecsvc - ok
11:55:50.0801 0x09d8  WEPHOSTSVC - ok
11:55:50.0801 0x09d8  wercplsupport - ok
11:55:50.0801 0x09d8  WerSvc - ok
11:55:50.0801 0x09d8  WFPLWFS - ok
11:55:50.0801 0x09d8  WiaRpc - ok
11:55:50.0817 0x09d8  WIMMount - ok
11:55:50.0817 0x09d8  WinDefend - ok
11:55:50.0832 0x09d8  WindowsTrustedRT - ok
11:55:50.0832 0x09d8  WindowsTrustedRTProxy - ok
11:55:50.0832 0x09d8  WinHttpAutoProxySvc - ok
11:55:50.0848 0x09d8  WinMad - ok
11:55:50.0864 0x09d8  Winmgmt - ok
11:55:50.0895 0x09d8  WinRM - ok
11:55:50.0911 0x09d8  WINUSB - ok
11:55:50.0911 0x09d8  WinVerbs - ok
11:55:50.0911 0x09d8  WlanSvc - ok
11:55:50.0926 0x09d8  wlidsvc - ok
11:55:50.0926 0x09d8  WmiAcpi - ok
11:55:50.0926 0x09d8  wmiApSrv - ok
11:55:50.0957 0x09d8  WMPNetworkSvc - ok
11:55:50.0973 0x09d8  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:55:51.0004 0x09d8  Wof - ok
11:55:51.0004 0x09d8  workfolderssvc - ok
11:55:51.0004 0x09d8  wpcfltr - ok
11:55:51.0004 0x09d8  WPDBusEnum - ok
11:55:51.0020 0x09d8  WpdUpFltr - ok
11:55:51.0020 0x09d8  WpnService - ok
11:55:51.0020 0x09d8  ws2ifsl - ok
11:55:51.0020 0x09d8  wscsvc - ok
11:55:51.0020 0x09d8  WSearch - ok
11:55:51.0020 0x09d8  WSService - ok
11:55:51.0051 0x09d8  wuauserv - ok
11:55:51.0051 0x09d8  WudfPf - ok
11:55:51.0051 0x09d8  wudfsvc - ok
11:55:51.0051 0x09d8  WUDFWpdFs - ok
11:55:51.0051 0x09d8  WUDFWpdMtp - ok
11:55:51.0067 0x09d8  WwanSvc - ok
11:55:51.0082 0x09d8  XblAuthManager - ok
11:55:51.0082 0x09d8  XblGameSave - ok
11:55:51.0082 0x09d8  xboxgip - ok
11:55:51.0114 0x09d8  XboxNetApiSvc - ok
11:55:51.0114 0x09d8  xinputhid - ok
11:55:51.0114 0x09d8  xusb22 - ok
11:55:51.0114 0x09d8  ================ Scan global ===============================
11:55:51.0176 0x09d8  [ Global ] - ok
11:55:51.0176 0x09d8  ================ Scan MBR ==================================
11:55:51.0192 0x09d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:55:51.0504 0x09d8  \Device\Harddisk0\DR0 - ok
11:55:51.0504 0x09d8  ================ Scan VBR ==================================
11:55:51.0504 0x09d8  [ 81ED99DE0B1E4D870D6D05101AD292C3 ] \Device\Harddisk0\DR0\Partition1
11:55:51.0567 0x09d8  \Device\Harddisk0\DR0\Partition1 - ok
11:55:51.0567 0x09d8  [ BD06E1052A646C6802AA8FAA591C618F ] \Device\Harddisk0\DR0\Partition2
11:55:51.0629 0x09d8  \Device\Harddisk0\DR0\Partition2 - ok
11:55:51.0629 0x09d8  ================ Scan generic autorun ======================
11:55:52.0020 0x09d8  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:55:52.0332 0x09d8  RTHDVCPL - ok
11:55:52.0364 0x09d8  [ 3A19FD28BF891CB67FD89A94BEC88C3F, 6D9F5FA55A4B8A386691E91305C8CA9323B91680FA2DC4585DDDECA69BB80FA0 ] C:\Windows\system32\igfxtray.exe
11:55:52.0379 0x09d8  IgfxTray - ok
11:55:52.0426 0x09d8  [ D94BCD3B86F5220BEFC277B395EEE845, 61D3DE5621CE855F8EA5BF2308D0DFFB3B517BF7187AEE1FEF6785C5880E7D49 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
11:55:52.0520 0x09d8  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
11:55:54.0832 0x09d8  Detect skipped due to KSN trusted
11:55:54.0832 0x09d8  IAStorIcon - ok
11:55:54.0942 0x09d8  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:55:55.0051 0x09d8  NvBackend - ok
11:55:55.0083 0x09d8  ShadowPlay - ok
11:55:55.0145 0x09d8  [ 70BDEE03032BF7CE279838866B25E697, 007C3AC1B4380BC56EC6E14EFC022C03F165D08447AD763854351C530E19D976 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
11:55:55.0161 0x09d8  IMSS - ok
11:55:55.0176 0x09d8  [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
11:55:55.0223 0x09d8  ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
11:55:57.0567 0x09d8  Detect skipped due to KSN trusted
11:55:57.0567 0x09d8  ISUSScheduler - ok
11:55:57.0598 0x09d8  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
11:55:57.0708 0x09d8  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
11:56:00.0051 0x09d8  Detect skipped due to KSN trusted
11:56:00.0051 0x09d8  amd_dc_opt - ok
11:56:00.0176 0x09d8  [ D470EB94988531FE20A2A78766BB6858, 59F46FBC2267584422D7C4EC5BCC4071BB8DCF544C3AB44BEEBAE091EDCB9947 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
11:56:00.0223 0x09d8  BlueStacks Agent - ok
11:56:00.0286 0x09d8  OneDriveSetup - ok
11:56:00.0286 0x09d8  OneDriveSetup - ok
11:56:00.0301 0x09d8  [ A379B75A6FFE4DFD3184F35F0141CE91, C777B01B4361456D4D829E96723C85CCDC2E3647C4CF25894AC83100552E36AB ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
11:56:00.0442 0x09d8  ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
11:56:00.0520 0x156c  Object required for P2P: [ 4F2B65FA16319BBA3A309EC2964920A1 ] nvsvc
11:56:02.0786 0x09d8  Detect skipped due to KSN trusted
11:56:02.0786 0x09d8  ISUSPM Startup - ok
11:56:02.0848 0x09d8  [ 406E7DF08CE79BE3016CC6D15E2ED956, 9DA8D10AE642B9411A3EB253F97918A6F470F1772F0057964267497CE0BDA53A ] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
11:56:02.0895 0x09d8  Dxtory Update Checker 2.0 - detected UnsignedFile.Multi.Generic ( 1 )
11:56:02.0942 0x156c  Object send P2P result: true
11:56:05.0239 0x09d8  Detect skipped due to KSN trusted
11:56:05.0239 0x09d8  Dxtory Update Checker 2.0 - ok
11:56:05.0411 0x09d8  [ 91DD4AD85BB341CC8CF5187EA06FD171, 68330A5EBDA7E4A51926EC2085D71C11BD2857A6EB1D4749DEE7A6D1D5679B98 ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:56:05.0426 0x09d8  OneDrive - ok
11:56:05.0426 0x09d8  OneDriveSetup - ok
11:56:05.0458 0x09d8  WAB Migrate - ok
11:56:05.0458 0x09d8  Waiting for KSN requests completion. In queue: 2
11:56:06.0473 0x09d8  Waiting for KSN requests completion. In queue: 2
11:56:07.0489 0x09d8  Waiting for KSN requests completion. In queue: 1
11:56:08.0520 0x09d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
11:56:08.0536 0x09d8  Win FW state via NFP2: enabled ( trusted )
11:56:10.0926 0x09d8  ============================================================
11:56:10.0926 0x09d8  Scan finished
11:56:10.0926 0x09d8  ============================================================
11:56:10.0942 0x030c  Detected object count: 0
11:56:10.0942 0x030c  Actual detected object count: 0
         


27.02.2016, 11:12   #6
Kanso

FRST.txt:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016
durchgeführt von Admin (Administrator) auf ADMIN-PC (27-02-2016 12:06:26)
Gestartet von C:\Users\Admin\Desktop
Geladene Profile: Admin (Verfügbare Profile: Admin & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
(Kaspersky Lab ZAO) C:\Users\Admin\AppData\Local\Temp\{F961F371-BEAD-4706-A050-0AEF9D9A4216}\{9CC410C8-AFCD-40DD-9A05-0AF1C39898D7}.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk [2014-02-28]
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{38fa8d64-1429-4eb3-94d0-479866b2cb77}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-988284940-210793992-766847566-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-988284940-210793992-766847566-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll => Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2015-06-19] (Pando Networks)
FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-988284940-210793992-766847566-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-10] ()
FF SearchPlugin: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\searchplugins\safesearch.xml [2015-06-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-02-12]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-09]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\sxq420uz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-31] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7220792 2016-01-30] (GOG.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2014-06-19] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                           )
R3 Sftfs; C:\Windows\System32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation)
R3 Sftplay; C:\Windows\System32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation)
R3 Sftvol; C:\Windows\System32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 condrv; System32\drivers\condrv.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 12:06 - 2016-02-27 12:07 - 00015268 _____ C:\Users\Admin\Desktop\FRST.txt
2016-02-27 12:05 - 2016-02-27 12:06 - 02371072 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2016-02-27 11:54 - 2016-02-27 11:54 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\83047933.sys
2016-02-27 11:53 - 2016-02-27 11:56 - 00078164 _____ C:\TDSSKiller.3.1.0.9_27.02.2016_11.53.57_log.txt
2016-02-27 11:52 - 2016-02-27 11:53 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Desktop\tdsskiller.exe
2016-02-27 11:51 - 2016-02-27 11:51 - 00001845 _____ C:\Users\Admin\Desktop\Fixlog.txt
2016-02-26 09:35 - 2016-02-27 12:06 - 00000000 ____D C:\FRST
2016-02-26 05:36 - 2016-02-26 05:36 - 00001364 _____ C:\Users\Admin\Desktop\Norton-Installationsdateien.lnk
2016-02-26 05:36 - 2016-02-26 05:36 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2016-02-26 05:35 - 2016-02-26 05:36 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(2).exe
2016-02-26 05:30 - 2016-02-26 19:27 - 00364004 _____ C:\WINDOWS\ntbtlog.txt
2016-02-26 05:28 - 2016-02-26 05:28 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (2).exe
2016-02-26 05:12 - 2016-02-26 05:14 - 00412020 _____ C:\WINDOWS\Minidump\022616-17640-01.dmp
2016-02-25 11:37 - 2016-02-25 11:37 - 00000432 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat
2016-02-25 11:37 - 2016-02-25 11:37 - 00000357 _____ C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat
2016-02-25 11:33 - 2016-02-25 11:36 - 00000000 ____D C:\Program Files (x86)\LogMeIn Rescue RC - 0bfdcd33-f52c-4b3b-a4a7-71770fabb626
2016-02-25 11:28 - 2016-02-27 11:45 - 00000000 ____D C:\ProgramData\Norton
2016-02-25 11:28 - 2016-02-26 19:28 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-02-25 11:28 - 2016-02-26 05:38 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-02-25 11:15 - 2016-02-25 11:15 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE (1).exe
2016-02-25 11:13 - 2016-02-25 11:13 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool(1).exe
2016-02-25 10:48 - 2016-02-25 10:48 - 00000000 __SHD C:\found.000
2016-02-25 10:29 - 2016-02-27 11:44 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-25 10:28 - 2016-02-25 10:28 - 00000000 ____D C:\WINDOWS\pss
2016-02-25 10:07 - 2016-02-26 05:31 - 00000000 ____D C:\NPE
2016-02-25 10:05 - 2016-02-26 05:33 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2016-02-25 10:05 - 2016-02-25 10:05 - 10079720 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe
2016-02-25 10:02 - 2016-02-25 10:02 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader (1).exe
2016-02-25 09:58 - 2016-02-27 07:56 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3CF3C132-6859-4994-8DAC-3B31CD8D194C}
2016-02-25 09:54 - 2016-02-25 09:55 - 00895080 _____ C:\Users\Admin\Downloads\Norton_Removal_Tool.exe
2016-02-25 09:48 - 2016-02-25 09:48 - 00000248 _____ C:\rescue.info
2016-02-25 09:46 - 2016-02-25 09:46 - 01857576 _____ (LogMeIn, Inc.) C:\Users\Admin\Downloads\Support-LogMeInRescue.exe
2016-02-25 09:46 - 2016-02-25 09:46 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Rescue Applet
2016-02-24 21:57 - 2016-02-24 21:57 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\HuniePot
2016-02-24 21:55 - 2016-02-24 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HuniePop [GOG.com]
2016-02-16 00:11 - 2016-02-16 00:11 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-02-16 00:10 - 2016-02-16 00:10 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-02-16 00:10 - 2016-02-09 06:04 - 00111672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-02-16 00:09 - 2016-02-09 09:25 - 42983480 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 37616184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 31119296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 24944064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 21201784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17631304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17175248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 17116936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 02541504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436191.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436191.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00950328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00786688 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00541000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00445728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00383424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00378968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00348216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00317144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2016-02-16 00:09 - 2016-02-09 09:25 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2016-02-14 10:24 - 2016-02-14 10:26 - 00353028 _____ C:\WINDOWS\Minidump\021416-29546-01.dmp
2016-02-12 06:29 - 2016-02-24 09:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-09 19:52 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 19:52 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 19:52 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 19:52 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 19:52 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 19:52 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 19:52 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 19:52 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 19:52 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 19:52 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 19:52 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 19:52 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 19:52 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 19:52 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 19:52 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 19:52 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 19:52 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 19:52 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 19:52 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 19:52 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 19:52 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 19:52 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 19:52 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 19:52 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 19:52 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 19:52 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 19:52 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 19:52 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 19:52 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 19:52 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 19:52 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 19:52 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 19:52 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 19:52 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 19:52 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 19:52 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 19:52 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 19:52 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 19:52 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 19:52 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 19:52 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 19:52 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 19:52 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 19:52 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 19:52 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 19:52 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 19:52 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 19:52 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 19:52 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 19:52 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 19:52 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 19:52 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 19:52 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 19:52 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 19:52 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 19:52 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 19:52 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 19:52 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 19:52 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 19:52 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-02-03 19:18 - 2016-02-03 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
2016-02-02 19:33 - 2016-02-02 19:35 - 10026464 _____ C:\Users\Admin\Downloads\Worlds Apart (Sami Zayn)_Megalouis100v4.m4a
2016-01-31 12:53 - 2016-02-08 00:23 - 00000000 ____D C:\Users\Admin\Documents\Broken Sword - Director's Cut
2016-01-31 12:19 - 2016-01-31 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Broken Sword - Director's Cut [GOG.com]
2016-01-31 01:02 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-31 01:02 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-29 19:10 - 2016-01-29 19:10 - 00000000 ____D C:\Users\Admin\Documents\League of Legends
2016-01-29 19:03 - 2016-02-25 09:55 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-01-29 18:55 - 2016-01-29 18:55 - 01110464 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NSDownloader(1).exe
2016-01-29 17:44 - 2016-01-29 17:44 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\SMSS-PFRO5d7c.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-27 11:51 - 2015-12-03 04:01 - 02091230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-27 11:51 - 2015-10-30 19:35 - 00889534 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-27 11:51 - 2015-10-30 19:35 - 00197858 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-27 11:51 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-27 11:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-27 11:47 - 2015-12-03 04:17 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-27 11:47 - 2015-12-03 03:58 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-27 11:47 - 2015-12-03 03:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-27 11:46 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-26 19:34 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-26 19:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-26 05:30 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-26 05:12 - 2015-12-04 19:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-26 05:12 - 2014-03-07 16:29 - 890432205 _____ C:\WINDOWS\MEMORY.DMP
2016-02-25 20:43 - 2014-10-15 18:28 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-02-25 20:39 - 2015-03-05 20:41 - 00000000 ____D C:\GOG Games
2016-02-25 20:39 - 2015-03-05 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-02-25 20:39 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2016-02-25 09:59 - 2014-11-29 21:19 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieUserList
2016-02-25 09:58 - 2015-02-05 18:42 - 00000000 __SHD C:\Users\Admin\AppData\LocalLow\EmieSiteList
2016-02-25 09:03 - 2015-12-03 04:01 - 00000000 ____D C:\Users\Admin
2016-02-25 08:44 - 2015-08-06 20:56 - 00000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2016-02-24 18:56 - 2015-06-01 19:35 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-02-22 01:16 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-21 23:27 - 2015-01-27 10:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-21 00:02 - 2014-02-10 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SoftGrid Client
2016-02-20 22:15 - 2014-08-10 22:06 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-16 00:11 - 2015-12-03 03:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-16 00:11 - 2014-02-26 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-14 10:24 - 2015-01-26 02:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-13 20:35 - 2014-02-10 12:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-13 20:32 - 2014-02-10 12:11 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-12 02:22 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-10 19:34 - 2015-08-06 20:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-10 10:37 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 07:27 - 2015-09-22 23:03 - 12478528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-02-09 22:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 09:25 - 2015-09-22 23:03 - 19779648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 14115136 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03649576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 03231544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-02-09 09:25 - 2015-09-22 23:03 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb
2016-02-09 06:29 - 2015-12-03 03:57 - 06368824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 02561472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-02-09 06:29 - 2015-12-03 03:57 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-02-09 06:29 - 2015-12-03 03:57 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-02-09 06:29 - 2014-11-24 17:02 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-02-07 23:20 - 2015-05-20 16:56 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-02-07 20:41 - 2014-04-12 17:17 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2016-02-06 15:58 - 2015-12-03 03:57 - 06154909 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-31 12:19 - 2014-08-31 18:56 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-01-31 12:19 - 2014-08-31 18:56 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-01-31 01:02 - 2015-12-03 03:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-29 18:55 - 2015-07-25 17:47 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-01-29 17:37 - 2015-12-03 03:57 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-28 22:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-25 11:37 - 2016-02-25 11:37 - 0000432 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp.bat
2016-02-25 11:37 - 2016-02-25 11:37 - 0000357 _____ () C:\Users\Admin\AppData\Local\LMIR0001.tmp_r.bat
2015-12-03 03:57 - 2015-12-03 03:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. 


LastRegBack: 2016-02-27 10:03

==================== Ende von FRST.txt ============================
         

Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016
durchgeführt von Admin (2016-02-27 12:07:32)
Gestartet von C:\Users\Admin\Desktop
Windows 10 Pro Version 1511 (X64) (2015-12-03 03:22:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-988284940-210793992-766847566-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-988284940-210793992-766847566-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-988284940-210793992-766847566-503 - Limited - Disabled)
Gast (S-1-5-21-988284940-210793992-766847566-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-988284940-210793992-766847566-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version:  - Daedalic Entertainment)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Baldur's Gate -  The Original Saga (German) (HKLM-x32\...\GOGPACKBALDURSGATE1_is1) (Version: 2.0.0.20 - GOG.com)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Broken Sword - Director's Cut (HKLM-x32\...\1207658900_is1) (Version: 2.1.0.16 - GOG.com)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Architect Studio 5.0 (HKLM-x32\...\{E42939AE-9660-11E2-9A0D-F04DA23A5C58}) (Version: 5.0.178 - Sony)
Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version:  - SQUARE ENIX)
Geheimakte Tunguska (HKLM-x32\...\{3B416FDA-CB3E-4514-9616-763E5B0D1140}) (Version: 1.03.02 - Deep Silver)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HuniePop (HKLM-x32\...\1443428641_is1) (Version: 2.0.0.1 - GOG.com)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1323 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Leisure Suit Larry - Reloaded (HKLM-x32\...\1207659243_is1) (Version: 2.1.0.11 - GOG.com)
Magic Bullet QuickLooks for Movie Studio 64 bit (HKLM-x32\...\InstallShield_{03B2F2B1-247A-4216-997F-2BE0372FFEC9}) (Version: 1.4.3 - Ihr Firmenname)
Magic Bullet QuickLooks for Movie Studio 64 bit (Version: 1.4.3 - Ihr Firmenname) Hidden
MagicYUV Lossless Video Codec version 1.0 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.0 - INNOMAGIC, Ltd.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.6122.5000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.6129.5001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MKVToolNix 7.5.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.5.0 - Moritz Bunkus)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{6C3C3A70-958D-11E2-B0E5-F04DA23A5C58}) (Version: 12.0.896 - Sony)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NewBlue VideoFX for Sony Vegas MSPPS (HKLM\...\NewBlue VideoFX for Sony Vegas MSPPS) (Version: 2.0 - NewBlue)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.53.2 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge 2 B13.0403.1 (HKLM-x32\...\InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A}) (Version: 1.00.0000 - GIGABYTE)
ON_OFF Charge 2 B13.0403.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Papers, Please (HKLM-x32\...\1207659209_is1) (Version: 2.5.0.11 - GOG.com)
PhotoFiltre 7 (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\PhotoFiltre 7) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version:  - Ascaron)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version:  - Firaxis Games)
Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{BC7B099E-4643-11E3-9A41-F04DA23A5C58}) (Version: 10.0.252 - Sony)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Last Remnant (HKLM-x32\...\Steam App 23310) (Version:  - SQUARE ENIX)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.12.1.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.12.1.0 - GOG.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Tropico (HKLM-x32\...\Steam App 33520) (Version:  - PopTop Software)
Two Worlds: Epic Edition (HKLM-x32\...\Steam App 1930) (Version:  - Reality Pump Studios)
Unity Web Player (HKU\S-1-5-21-988284940-210793992-766847566-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02A600D9-1622-4911-9725-509354AEEC6E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {0D117D4E-EE80-429D-9B8F-D88A92248012} - System32\Tasks\{A7EDC86C-AC88-4B0D-8EBF-801BB3377055} => pcalua.exe -a "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites\vcredist_x64.exe" -d "C:\Program Files (x86)\Steam\SteamApps\common\Borderlands\Prerequisites"
Task: {0E38147A-4851-42DC-9070-354ABDEA17FC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {17C1BB3F-9616-44CB-922F-FF23AE97B1C0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1AC1141E-5152-4088-903E-CA244D117CC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {1F12A9F8-7D8D-4065-B944-4AEA70A1E4D3} - System32\Tasks\{F1F9B1E2-1649-459F-8D19-CE3F57076C12} => pcalua.exe -a "C:\Users\Admin\Downloads\chromeinstall-8u31 (1).exe" -d C:\Users\Admin\Downloads
Task: {27010340-37CF-488A-BE23-11555D46A73B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DB268B3-0211-4F20-A876-262F2EEAD600} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2F4F6831-28EB-427C-968C-08B0E3E853D5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {40F43CEE-3685-41BD-BD05-D3E30DDF1876} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4184E456-B813-43F0-9B55-96D23C9CD64C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {41C95DAF-DDF2-405F-A8C4-7C2A140FA0E7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {4EBCE7C4-AC84-4EAF-B36A-56BD4FF4205A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5A65B13D-C7DD-442B-BC9F-E849177D96B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5B136352-F75E-4BE9-8434-23C71C470FAC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5DC6463A-620C-498C-B8CC-3F26CD93C061} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {6D44F053-69EA-461A-ABFA-2E9FC7A0C0A4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {6E01809B-A6A1-48BD-B4CA-115117903BF4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {6FC1A9A9-FC4E-40C5-A882-8E0B53ECC4D0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {734D0CE1-F91D-46C2-AEF6-86D2515E6550} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {73907E84-CF68-44D4-BC7D-C426518C8A13} - System32\Tasks\{459661D1-D2F6-419D-ADE9-E7E05FD0DA52} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {75DDAAA5-05CE-48D1-917F-D076DB6B8997} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7CD1B924-1215-4D6F-B79B-0807B81C65DD} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {927B26A2-EDC4-4E89-A784-2709B910E102} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {975DC5FC-0BF4-4734-A115-4331365C7EC0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9B842312-0CD7-412B-9771-E75313F50259} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {A3A38E1E-FA91-4361-A90B-CB608B7FE192} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {ABF95328-BD1A-4C58-AA4C-7D9E44654241} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AD6C2470-2782-4D1D-94D2-D509E96F0AEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-13] (Microsoft Corporation)
Task: {ADAA0D57-05AF-4D42-97A2-CA60B486A4FD} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {B0297718-FC73-4D55-A112-237A0A2FA275} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {BCF1AC20-C954-415B-90EB-09B341F654CA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA3C86F9-5E29-40D8-8035-3E189AC2D6E3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {DEADD6EE-4754-42BF-96F9-AF94B6F06D4D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {E04234EA-61B8-4CE5-B5DF-08E264BCF2FC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {E5FA8F18-29CC-41E7-BDEC-EC7888343D95} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {EDACD965-B245-4FD8-8F97-275FB23FECAB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {F1A14AE5-8D99-4F21-9EEF-F5C2007E7C6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {F855E92F-2699-4DE3-AF41-951E76CED339} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 03:57 - 2016-02-09 06:29 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:37 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-17 20:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 20:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 20:52 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 20:52 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 19:53 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 19:53 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-21 20:31 - 2016-01-21 20:32 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-30 22:38 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-01-26 20:44 - 00000027 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-988284940-210793992-766847566-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Wallpaper\the_witcher_3_wild_hunt_wallpaper_3-1920x1200.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
HKLM\...\StartupApproved\StartupFolder: => "TP-LINK-Konfigurationstool.lnk"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-988284940-210793992-766847566-1000\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808

==================== Wiederherstellungspunkte =========================

22-02-2016 10:43:20 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/27/2016 11:57:27 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/27/2016 11:44:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
Description: Bei der Aktivierung der App „Microsoft.Getstarted_2.6.12.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca“ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/26/2016 09:55:46 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.SystemException: Helper process exited prematurely
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/26/2016 07:39:30 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/26/2016 05:40:58 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/26/2016 05:23:25 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 08:43:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: Cortana.BackgroundTask.dll, Version: 0.0.0.0, Zeitstempel: 0x5699d0c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000046a65
ID des fehlerhaften Prozesses: 0x1ba8
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (02/25/2016 08:41:10 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.

Error: (02/25/2016 11:44:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/25/2016 11:40:52 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: HTTP-Status 403: Der Client verfügt nicht über genügend Zugriffsrechte auf das angeforderte Serverobjekt.


Systemfehler:
=============
Error: (02/27/2016 11:51:17 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/27/2016 11:51:17 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/27/2016 11:51:14 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCAdminS-1-5-21-988284940-210793992-766847566-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (02/27/2016 11:48:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%577

Error: (02/27/2016 11:47:29 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 21

Error: (02/27/2016 11:47:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (02/27/2016 11:46:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" ist vom Dienst "DHCP-Client" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (02/27/2016 11:46:06 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (02/27/2016 11:45:49 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (02/27/2016 11:45:49 AM) (Source: DCOM) (EventID: 10005) (User: Admin-PC)
Description: 1084WSearchNicht verfügbar{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16262.64 MB
Verfügbarer physikalischer RAM: 14072.23 MB
Summe virtueller Speicher: 32646.64 MB
Verfügbarer virtueller Speicher: 30255.83 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.48 GB) (Free:1008.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 462E0839)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         
Regards, Kanso

28.02.2016, 10:11   #7
Larusso
/// Selecta Jahrusso

Hi

Sorry, I was out all day yesterday.

That support staff are sometimes limited to their own tools is, unfortunately, the sad everyday reality.

The uninstaller has at least removed the active components; there are still folders left over, but those should not really get in the way any more.
Since you paid for it, I assume you want to install it again, right?
(Personally, though, I would not renew this licence.)

Let's check the system a bit more before we tackle the reinstallation.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Since you did pay for it,
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

28.02.2016, 12:24   #8
Kanso

Hello Daniel,

no problem. Yes, I would like to install Norton again (unfortunately my licence still runs until 2017). Which program would you recommend to me after that? After this incident I will do without Norton in future. In the meantime, though, I was able to run a Windows Update that did not work before. If I have you to thank for that, then thank you very much.

The ESET Online Scanner cannot be run. During initialisation the error message "Unerwarteter Fehler 101" appears. (I used the correct settings.)

Regards, Kanso

28.02.2016, 13:16   #9
Larusso
/// Selecta Jahrusso

For the future?
http://www.trojaner-board.de/166031-...-produkte.html

Hm, I only know that error from cases where the clock is wrong.

Are the date and year in the taskbar correct?
__________________
Regards, Daniel


28.02.2016, 13:18   #10
Kanso

Yes, the date and time are correct as far as I can tell.

Regards, Kanso

28.02.2016, 13:49   #11
Larusso
/// Selecta Jahrusso

Just tried it on my machine and it runs.

Please download Windows All In One Repair from here:
http://filepony.de/download-windows_repair_aio/

Extract the archive.
Boot the computer into Safe Mode!!!

In the folder that was created, start Repair_Windows.exe.
Ignore the available update.

Carry out Steps 3 - 5 completely (I strongly recommend using the backup functions).


When done, open the Repairs tab and leave everything as it is.
On the right, under "Restart/Shutdown", you can select the automatic restart (if you want).

Click "Start Repairs".


After the restart, please try ESET again.
__________________
Regards, Daniel


28.02.2016, 16:00   #12
Kanso

Hello,

unfortunately that did not work; I keep getting the error message: "cmd.exe Anwendungsfehler" Die Anwendung konnte nicht gestartet werden (0xc0000142)
So at Step 3 nothing happened at all; it loaded for about an hour but nothing happened, and at Step 4 exactly this error message came up.

Regards, Kanso

28.02.2016, 17:52   #13
Larusso
/// Selecta Jahrusso

Please press the Windows key and type CMD.
Start the Command Prompt via right-click, "Run as administrator".
Enter: sfc /scannow

This checks the system for faulty files.
When this has finished, try Windows Repair again.

28.02.2016, 18:05   #14
Kanso

Hello,

unfortunately I cannot open it; the error message "Die Anwendung konnte nicht korrekt gestartet werden (0xc0000142)" appears.

Regards, Kanso

29.02.2016, 07:48   #15
Larusso
/// Selecta Jahrusso

Okay, then let's go troubleshooting. Is the computer causing any other problems?

Note
With Windows 10 you get into the RC like this:

1. Restart the PC while holding the SHIFT key
2. Select "Troubleshoot"
3. Open "Advanced options"
4. Select "Command Prompt"
5. Select the user account
6. If set: enter the password
7. The "Command Prompt" opens.

Scan with Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Notes for Windows 8 users: Guide 1 (FRST variant) and Guide 2 (second part)
  • Please download the matching version of the tool (both if in doubt) and save it to a USB stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Connect the USB stick to the infected system and boot the system into the System Repair option.
  • Now scan following the illustrated guide or use the following short guide:
Via the Boot Manager:
  • Restart the computer.
  • While it is booting, press the F8 key several times.
  • Now select Repair Your Computer.
  • Select your operating system and user account and click "Next" each time.
With a Windows CD/DVD (also possible with Windows 8):
  • Insert the Windows CD into your drive.
  • Restart the computer and boot from the CD.
  • Select the language settings and click "Next".
  • Click Repair your computer!
  • Select your operating system and user account and click "Next" each time.
In the repair options select: Command Prompt
  • Now please type notepad and press Enter.
  • In the text document that opens: File > Save As... and select Computer.
    Here the drive letter of your USB stick is shown; remember it.
  • Close Notepad again.
  • Now please enter the following command.
    e:\frst.exe or e:\frst64.exe
    Note: e stands for the drive letter of your USB stick that you remembered. Adjust if necessary.
  • Accept the disclaimer with Yes and click Scan.
The tool creates an FRST.txt on your USB stick. Please post the contents here, in code tags if possible (guide).


Edited by Larusso (29.02.2016 at 07:55)
