Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 14.04.2016, 20:19   #1
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Hallo Zusammen,

hat mir heute mehrere Dateien angezeigt mit einem Trojaner.Agent Befall.
Ich habe die Dateien über Malwarebytes gelöscht aber der PC ist auffällig langsam und bei Malwarebytes fällt mir auf das sich der Schutz vor bösartigen Webseiten nicht mehr aktivieren lässt. Ich fürchte auch mein Malwarebytes ist befallen.
Ich habe anschließend den PC im abgesicherten Modus neu gestartet und Malwarebytes noch einmal laufen lassen ohne Funde. Auch einer anschließender normaler Neustart und Scan blieb ohne Funde.
Ein weiterer merkwürdiger Punkt ist das es in Malwarebyte Logfiles der letzten Tage und von heute Abend gibt aber ein Logfile mit den Funden gibt es nicht.

Ich befürchte das ich (oder meine Freundin - benutzt den PC mit) mir (uns) da etwas eingefangen haben.

Ich hoffe Ihr könnt helfen.


FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Miika (Administrator) auf PREDATOR (14-04-2016 20:42:11)
Gestartet von C:\Users\Miika\Desktop
Geladene Profile: Miika &  (Verfügbare Profile: Miika)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
() C:\Program Files (x86)\Skiller Pro\Monitor.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(BitLeader) C:\Program Files (x86)\lg_fwupdate\fwupdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_21_0_0_213_ActiveX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-05-14] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2013-01-19] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12119872 2015-11-12] (Microsoft Corporation)
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199760 2012-01-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405584 2012-01-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2015-09-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2014-07-17] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9CCF975E-079C-4D5B-BAED-1ADB534940E3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000 -> {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/CCBPL -> C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll [2010-08-20] (Canon Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [2015-07-19] ()
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [2015-07-19] ()
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js [2013-12-07]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-12] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: Web Developer - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-05-29]
FF Extension: Print Edit - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\printedit@DW-dev.xpi [2016-03-14]
FF Extension: Avira Browser Safety - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\abs@avira.com [2016-04-12]
FF Extension: Firebug - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\vdpure@link64.xpi [2016-01-22]
FF Extension: eBay for Firefox - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-03-11]
FF Extension: Adblock Plus - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-05-14] (CyberLink)
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2012-02-08] (Arainia Solutions)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-20] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [Datei ist nicht signiert]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Datei ist nicht signiert]
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-11] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-02-08] (Arainia Solutions LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-04-14] ()
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-14] (Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-14 20:42 - 2016-04-14 20:42 - 00029919 _____ C:\Users\Miika\Desktop\FRST.txt
2016-04-14 20:42 - 2016-04-14 20:42 - 00000000 ____D C:\FRST
2016-04-14 20:41 - 2016-04-14 20:41 - 02375168 _____ (Farbar) C:\Users\Miika\Desktop\FRST64.exe
2016-04-14 19:49 - 2016-04-14 19:50 - 00095038 _____ C:\Windows\ntbtlog.txt
2016-04-14 19:19 - 2016-03-30 03:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-04-14 19:19 - 2016-03-30 03:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-04-14 19:18 - 2016-04-14 19:19 - 01380712 _____ C:\Users\Miika\Downloads\SteamSetup.exe
2016-04-14 19:18 - 2016-04-14 19:18 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-14 19:16 - 2016-04-14 19:16 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-14 19:15 - 2016-04-14 19:17 - 34809392 _____ (Mozilla) C:\Users\Miika\Downloads\Thunderbird Setup 45.0.exe
2016-04-14 19:14 - 2016-04-14 19:14 - 00242344 _____ C:\Users\Miika\Downloads\Firefox Setup Stub 45.0.2.exe
2016-04-14 18:58 - 2016-04-14 20:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-12 20:42 - 2016-04-14 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-04-09 15:50 - 2016-04-09 15:50 - 00000000 ____D C:\Users\Miika\AppData\Local\Focus Home Interactive
2016-04-08 21:34 - 2016-04-14 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-08 19:44 - 2016-04-08 19:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-08 19:41 - 2016-04-08 19:41 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-03-29 21:23 - 2016-03-29 21:23 - 00060428 _____ C:\Users\Miika\Downloads\Perfekte-Kuechenausruestung.pdf
2016-03-29 19:05 - 2016-03-29 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-03-29 19:05 - 2016-03-22 04:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-29 19:01 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 19:01 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00473592 ____N (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-29 18:50 - 2016-03-29 18:52 - 00000000 ____D C:\Program Files\iTunes
2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files\iPod
2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-29 18:49 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-29 18:49 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-29 18:49 - 2016-03-21 22:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-03-28 14:47 - 2016-03-28 14:47 - 00000080 _____ C:\Users\Miika\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-03-26 22:31 - 2016-03-26 22:33 - 135010334 _____ C:\Users\Miika\Downloads\117DerFinstereRivale.zip
2016-03-24 22:00 - 2016-03-24 22:00 - 00061901 _____ C:\Users\Miika\Downloads\Saisonkalender-Gemuese.pdf
2016-03-24 22:00 - 2016-03-24 22:00 - 00056316 _____ C:\Users\Miika\Downloads\Saisonkalender-Obst.pdf
2016-03-24 00:43 - 2016-03-24 00:43 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-24 00:43 - 2016-03-24 00:43 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-24 00:43 - 2016-03-24 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-24 00:42 - 2016-03-24 00:43 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 19:26 - 2016-03-22 19:26 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-22 12:20 - 2016-03-22 12:20 - 01963955 _____ C:\Users\Miika\Downloads\22bZhqg6.pdf
2016-03-19 22:31 - 2016-04-12 23:12 - 00000000 ____D C:\Users\Miika\Desktop\eBay
2016-03-18 21:28 - 2016-03-18 21:28 - 00000000 ____D C:\Users\Miika\Documents\DepthHunterDeepDive
2016-03-17 22:02 - 2016-03-17 22:02 - 00037417 _____ C:\Users\Miika\Downloads\Paleo-Lebensmittelliste.pdf
2016-03-17 22:01 - 2016-03-17 22:01 - 02257648 _____ C:\Users\Miika\Downloads\Paleo-Quick-Start-Guide-2.pdf
2016-03-17 22:01 - 2016-03-17 22:01 - 00728466 _____ C:\Users\Miika\Downloads\5-beliebte-Kochbuchrezepte.pdf
2016-03-17 22:01 - 2016-03-17 22:01 - 00433682 _____ C:\Users\Miika\Downloads\10-Gratis-Rezepte.pdf
2016-03-16 23:30 - 2016-03-16 23:30 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1-1-0-5-1.dll
2016-03-16 23:29 - 2016-03-16 23:29 - 00127768 _____ C:\Windows\system32\vulkan-1-1-0-5-1.dll
2016-03-16 23:29 - 2016-03-16 23:29 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo-1-1-0-5-1.exe
2016-03-16 23:28 - 2016-03-16 23:28 - 00045848 _____ C:\Windows\system32\vulkaninfo-1-1-0-5-1.exe
2016-03-16 20:16 - 2016-03-16 20:16 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-16 20:16 - 2016-03-16 20:16 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-14 20:40 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-14 20:40 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-14 20:36 - 2011-12-20 00:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-14 20:32 - 2011-12-20 01:04 - 00030528 _____ C:\Windows\GVTDrv64.sys
2016-04-14 20:31 - 2011-12-20 01:03 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-04-14 20:31 - 2011-12-20 00:13 - 00000272 _____ C:\Windows\lgfwup.ini
2016-04-14 20:31 - 2011-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2016-04-14 20:29 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-14 20:29 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-14 19:49 - 2012-04-26 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 19:31 - 2011-12-20 00:56 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-14 19:24 - 2011-12-20 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-14 19:20 - 2015-06-21 14:05 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA.job
2016-04-14 19:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-14 19:18 - 2011-12-19 23:38 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-14 19:18 - 2011-12-19 23:38 - 00000000 ____D C:\Users\Miika\AppData\Local\Thunderbird
2016-04-14 19:16 - 2011-12-19 23:35 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-14 19:09 - 2016-01-19 22:26 - 00000000 ____D C:\Users\Miika\AppData\Local\CrashDumps
2016-04-14 18:58 - 2012-03-31 18:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-14 18:10 - 2011-12-19 23:43 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-14 17:36 - 2013-12-07 15:22 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2016-04-14 01:45 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-13 21:43 - 2014-08-24 18:39 - 00000000 ____D C:\Users\Miika\AppData\Local\Deployment
2016-04-13 21:19 - 2012-01-11 21:07 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3191028B-CEC3-47B8-868D-AD0B3B99EE93}
2016-04-13 20:20 - 2015-06-21 14:05 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core.job
2016-04-13 17:56 - 2013-02-17 17:33 - 00001036 _____ C:\Users\Miika\Desktop\Amazon WANTED.txt
2016-04-12 18:48 - 2014-10-18 08:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-12 18:48 - 2013-09-17 21:45 - 00000000 ____D C:\ProgramData\Oracle
2016-04-12 18:47 - 2014-10-18 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-12 18:46 - 2015-08-29 08:57 - 00000000 ____D C:\Users\Miika\.oracle_jre_usage
2016-04-12 18:45 - 2014-10-18 08:50 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-11 23:23 - 2011-12-19 23:43 - 00000000 ____D C:\ProgramData\Origin
2016-04-11 20:30 - 2012-09-02 19:20 - 00024293 _____ C:\Users\Miika\Desktop\Kosten.txt
2016-04-09 16:41 - 2012-07-17 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-09 16:16 - 2011-12-31 22:27 - 00000000 ___RD C:\Users\Miika\Desktop\Musik
2016-04-08 19:45 - 2015-04-16 16:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-08 19:45 - 2014-07-09 21:37 - 00000000 ____D C:\Users\Miika\AppData\Local\Adobe
2016-04-08 19:44 - 2015-04-16 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-08 19:40 - 2011-12-19 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-04-08 19:37 - 2013-11-20 00:00 - 00000000 ____D C:\Program Files\Java
2016-04-07 21:58 - 2012-03-31 18:57 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 21:58 - 2012-03-31 18:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 21:58 - 2011-12-19 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-02 21:57 - 2011-12-31 22:30 - 00000000 ____D C:\Users\Miika\Documents\WB Games
2016-04-02 15:52 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-30 03:06 - 2015-02-10 20:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-21 20:56 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-02-10 20:27 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-29 22:37 - 2016-02-14 18:47 - 00000000 ____D C:\Users\Miika\Desktop\MRT - Befunde & CD
2016-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-29 19:24 - 2011-04-12 09:43 - 00775748 _____ C:\Windows\system32\perfh007.dat
2016-03-29 19:24 - 2011-04-12 09:43 - 00179114 _____ C:\Windows\system32\perfc007.dat
2016-03-29 19:24 - 2009-07-14 07:13 - 01834774 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 19:06 - 2012-09-01 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-29 19:06 - 2012-02-10 20:58 - 00000000 ____D C:\Temp
2016-03-29 19:05 - 2016-03-11 00:41 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-29 19:03 - 2011-12-20 00:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 18:52 - 2013-10-05 23:06 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-29 18:50 - 2011-12-19 23:53 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-28 14:47 - 2012-01-01 15:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-03-28 14:46 - 2015-04-14 20:15 - 00000000 ____D C:\Program Files\Rockstar Games
2016-03-24 00:04 - 2014-05-31 19:54 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-03-24 00:04 - 2014-05-16 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-03-24 00:04 - 2014-05-16 18:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-03-22 19:26 - 2012-01-02 19:51 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Dropbox
2016-03-22 06:12 - 2011-12-20 01:14 - 19004040 ____N (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-22 06:12 - 2011-05-21 07:01 - 03714472 ____N (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-22 04:25 - 2015-12-21 21:44 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-22 04:25 - 2015-12-21 21:44 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 02993088 ____N (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 01264064 ____N (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-22 04:25 - 2011-12-20 00:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-21 23:02 - 2016-02-22 20:46 - 00000000 ____D C:\Users\Miika\Desktop\Temp Copy
2016-03-18 20:10 - 2012-02-21 21:06 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-16 23:30 - 2016-03-11 00:41 - 00128792 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-03-16 23:29 - 2016-03-11 00:41 - 00127768 _____ C:\Windows\system32\vulkan-1.dll
2016-03-16 23:29 - 2016-03-11 00:41 - 00041752 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-03-16 23:28 - 2016-03-11 00:41 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-03-16 20:18 - 2011-12-29 00:56 - 00000000 ____D C:\Users\Miika\Documents\Rechnungen
2016-03-16 20:16 - 2011-12-19 23:53 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\1eaadjc.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0018724 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\bass.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 1758720 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\engine_vx.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0016448 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\kfgresk.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0014456 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\mjcriu.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0012352 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\peaadje.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0029784 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\Miika\AppData\Roaming\Microsoft\qwadjb.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\rsaadjd.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0105016 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\~DFK38f72.tmp
2014-09-06 10:47 - 2014-09-06 10:47 - 0001978 _____ () C:\Users\Miika\AppData\Local\recently-used.xbel
2015-12-06 14:45 - 2015-12-06 14:45 - 0000000 _____ () C:\Users\Miika\AppData\Local\{8DD41FC6-B412-4A1A-88DD-700352DE6EFD}
2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2012-01-03 20:10 - 2012-01-03 20:10 - 0000252 _____ () C:\ProgramData\FastPics.log
2012-11-11 18:13 - 2012-11-11 18:13 - 0000256 _____ () C:\ProgramData\lxeb.log
2012-01-03 20:12 - 2012-02-08 19:45 - 0002288 _____ () C:\ProgramData\lxebJSW.log
2012-01-03 20:08 - 2012-11-11 18:13 - 0056229 _____ () C:\ProgramData\lxebscan.log
2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2012-01-03 20:07 - 2012-01-03 20:07 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Einige Dateien in TEMP:
====================
C:\Users\Miika\AppData\Local\Temp\avgnt.exe
C:\Users\Miika\AppData\Local\Temp\jre-8u77-windows-au.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-08 20:40

==================== Ende von FRST.txt ============================
         

Alt 14.04.2016, 20:20   #2
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



und hier Addition:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Miika (2016-04-14 20:42:42)
Gestartet von C:\Users\Miika\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-19 21:13:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3481390821-1322619270-1783807865-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3481390821-1322619270-1783807865-1005 - Limited - Enabled)
Gast (S-1-5-21-3481390821-1322619270-1783807865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3481390821-1322619270-1783807865-1013 - Limited - Enabled)
Miika (S-1-5-21-3481390821-1322619270-1783807865-1000 - Administrator - Enabled) => C:\Users\Miika

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassin's Creed(R) III v1.05 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.05 - Ubisoft)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.13.4.1435 - Aurora Software Inc.)
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BSR Screen Recorder 5 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Business Contact Manager für Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CANON iMAGE GATEWAY Album Plugin Utility (HKLM-x32\...\Album Plugin Utility) (Version: 1.1.1.9 - Canon Inc.)
Castle of Illusion (HKLM-x32\...\Steam App 227600) (Version:  - SEGA Studios Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cities XL Platinum (HKLM\...\Steam App 231140) (Version:  - Focus Home Interactive)
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.3714 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2919.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1520 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2609 - CyberLink Corp.)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dropbox (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
Easy Tune 6 B10.0420.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
GDR 5520 für SQL Server 2008 (KB 2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 für SQL Server 2008 (KB 3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version: v2.7.9 - Arainia Solutions, LLC)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - EKO Software)
IdleMaster (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IdleMaster (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
iDRS(tm) OCR Software by I.R.I.S (HKLM-x32\...\iDRS(tm) OCR Software by I.R.I.S) (Version: 1.00.13.00 - Samsung Electronics Co., Ltd.)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Kingdom Rush (HKLM-x32\...\Steam App 246420) (Version:  - Ironhide Game Studio)
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightScribe System Software (HKLM-x32\...\{A8F1CA85-C713-4B1F-B3B4-B2B7A6824146}) (Version: 1.18.14.1 - LightScribe)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Mad Max (HKLM\...\Steam App 234140) (Version:  - Avalanche Studios)
MAGIX Foto & Grafik Designer 6 SE (HKLM-x32\...\MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}) (Version: 6.1.3.24817 - MAGIX AG)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Payne 3 (HKLM\...\Steam App 204100) (Version:  - Rockstar Studios)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (HKLM-x32\...\{742D41A9-B3BF-3A65-806E-F8372FB3E492}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Lync 2010 (HKLM\...\{58A013B1-1613-4978-881A-FCA43710C84A}) (Version: 4.0.7577.4486 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\MyFreeCodec) (Version:  - )
MyFreeCodec (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MyFreeCodec) (Version:  - )
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
NHL™ 09 (HKLM-x32\...\{3C27AAE0-37AF-11DD-AE16-0800200C9A66}) (Version: 2.0.1.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B10.0422.2 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version:  - Zen Studios)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.10 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.45.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.08 (07.05.2012) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Secure Download Manager (HKLM-x32\...\{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}) (Version: 3.0.3 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skiller Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.08.018 - Samsung Electronics Co., Ltd.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
STAR WARS - Galactic Battlegrounds Saga (HKLM\...\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb) (Version:  - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.2252 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of the Orient: The Rising Sun (HKLM\...\Steam App 339160) (Version:  - Green Sauce Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
tiptoi® Manager 3.0.8 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.8 - Ravensburger AG)
Unity Web Player (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {012BD39A-6E2B-41BF-BB95-2367AEDA7654} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {033DA743-F7D4-4AB3-9D9F-E1F251B8DC22} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] () <==== ACHTUNG
Task: {156C7225-B8F9-426C-9B9E-EA4F690B8B4B} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-18] () <==== ACHTUNG
Task: {193886C7-9433-441B-AC05-6DDF436A07B6} - System32\Tasks\{6529A1CA-E2B3-423C-93D9-1482CDABA88F} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {1A69324D-D269-4A70-9B0F-C5E58D784E6D} - System32\Tasks\{9BB0A915-298A-473D-8193-6942178F025F} => pcalua.exe -a C:\Users\Miika\Desktop\brew-jcu1.exe -d C:\Users\Miika\Desktop
Task: {27216F7C-A917-4BC2-BD10-55FCA30F7694} - System32\Tasks\{4CF505DF-0A43-48D6-86A8-157A069EA763} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {2CEDEE0E-5DF4-436F-9EAF-F506AC690A8F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3F6BD132-DBB9-4662-9C5C-45AA37C7EBB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {4668AE68-CED1-498B-A958-46566A5B7D2F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {527D9800-4475-4BFB-8261-13A74C7B0C58} - System32\Tasks\{E6DFFA7B-EE06-449A-A1D0-EB00CEE426AE} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {565CB1A4-B495-448D-9050-1EC098BD676E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {59CEBFE5-35A1-42A1-9568-492E20FC8B00} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {5AA2681D-252E-498D-BFB2-4C0202F67AA6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {5DFF8847-E474-4DFC-BAF7-59B8DFCA6AF5} - System32\Tasks\{19380ADC-E25E-4264-9AD6-41022E8DE2EF} => C:\Users\Miika\Downloads\refog_setup_kl_641.exe
Task: {66D712B3-43BB-4C74-B178-516D3FA7C76C} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {6E5BBD3D-0E9E-4D8E-A2CC-DE7F01FE780F} - System32\Tasks\{43E01F15-93A3-4167-B74B-1C899276A639} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {9164D27D-E2A0-4027-AB97-829A2F498D70} - System32\Tasks\{56439ECC-B252-4FD3-9F35-908BBCEB83DD} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {997BD5BF-461C-4259-9FA4-2A732282A612} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2012-02-08] (Arainia Solutions)
Task: {9D5AB2D1-2783-4026-A47C-C99E041F4AB9} - System32\Tasks\{98029DC9-BD6C-4F8F-81FB-83DA05AD2F54} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {B6629924-22FC-4310-A1A5-03DB6BEC23BE} - System32\Tasks\{CD3C1C49-60B6-4BD3-B947-E2F3476852B4} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: {C170F9B3-462E-4FA7-A838-FE17810FC951} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {E07598B7-6428-4072-866F-53B1FD1547FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {F071BE9A-BD75-4073-8121-2BC92542F1FA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {F6A2B05E-CE2C-4FDE-B6ED-76EEF9EC126F} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {FA8791D4-DA74-4793-93F0-672F8A4AB18B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3481390821-1322619270-1783807865-1000

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core.job => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA.job => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-20 01:16 - 2016-03-22 04:25 - 00133056 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-09 06:27 - 2015-04-09 06:27 - 00022528 _____ () C:\Windows\System32\ssm1mlm.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-12-19 23:29 - 2009-06-17 17:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2010-12-17 19:13 - 2010-12-17 19:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-12-17 19:13 - 2010-12-17 19:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2011-12-19 23:22 - 2010-01-19 04:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2016-03-04 09:27 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-29 18:50 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-04 09:27 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-14 19:18 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2012-01-01 14:57 - 2013-08-20 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-12-20 00:09 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-07-22 21:09 - 2014-02-26 14:45 - 00475136 _____ () C:\Program Files (x86)\Skiller Pro\Monitor.EXE
2015-11-24 19:22 - 2014-07-17 23:47 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2016-03-29 18:50 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-29 18:50 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-29 18:50 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 20:22 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-29 18:50 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-03-29 18:50 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2011-12-19 23:29 - 2009-05-04 18:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2015-09-27 13:27 - 2015-12-29 13:17 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-04-02 19:18 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-07-22 21:09 - 2014-09-03 15:58 - 00057344 _____ () C:\Program Files (x86)\Skiller Pro\lan.dll
2015-07-22 21:09 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller Pro\hiddriver.dll
2012-05-14 13:11 - 2015-09-14 15:56 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2012-05-14 13:11 - 2015-09-14 15:56 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-11-24 19:22 - 2013-09-30 14:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2015-11-24 19:22 - 2013-01-29 17:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{71C15711-3E2C-4D64-8FC0-C669F2114AB3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{3EDA5DA2-C103-45EA-89F3-59688B8DB973}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{D3F2D4D5-312E-4294-8BFA-53F6DEB6BF3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DAF81E7-C965-4DEF-A2CA-E7E13B689860}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35151CAA-487E-4959-AC29-6E5AF47BB185}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{34498169-7A2E-4586-88AC-45A45E876840}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{7565F068-B54F-4F17-AB74-A19A52AD0FE8}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{3BCF8F5D-D9AB-44D7-ADD5-0441733CBE94}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{A7BC2942-5BC4-4617-B195-92B1F8CA3851}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{5379F7E5-D516-4991-BA0C-42D07F83C157}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{980B1B7D-546A-4576-BC6A-F7DD39F57769}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{C2C5B3DB-0FC3-434F-A96F-3374E5F6A588}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{E9359AA9-E8A3-4B88-8DB1-253DA03D51BD}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{4128BF28-A818-4B53-A939-7B9AA3684185}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{40127C9B-3771-4D8A-8EBE-6CC068888D1A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{1309A2B0-86BF-4F8C-BA7A-71B556305024}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F5EE2D33-E215-4C85-9E6D-21A62E5E28D9}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F647DF87-B459-4919-B98C-2CD909B15491}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{104D8663-897F-4FB9-BD62-93834D972A8D}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{5F075499-1AA6-469E-840D-8160741E7D50}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{69077A99-C71A-484D-B9AC-65EBC7EEAE83}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{5A0D982D-58D7-4A0F-BC6F-81ABB4FC2DD9}] => (Allow) C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9292DC9B-A919-4277-AF1E-DDF7D4F1B79E}] => (Allow) C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{890F752C-4AF7-4C68-AFE8-074119746804}C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E4AD8D8E-FE4D-4439-901B-A56CC78A85E3}C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{50F39446-3604-44E8-AB94-C42E4D8C2B4D}C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe] => (Allow) C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [UDP Query User{E8538B61-8F99-411B-9BE5-DAD974A9EBF8}C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe] => (Allow) C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [TCP Query User{B7B7A754-2E6A-4858-A757-22BBC81A3AC3}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{433EB0D9-E1B6-40F4-80D1-1CC2E2443CCD}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [TCP Query User{9BCE74D4-E34C-49DB-8B8F-A400299C262D}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [UDP Query User{AC4A206C-2AA3-49EB-BB63-723118DBDCB2}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [{ED387E94-A504-40DB-99A9-67709B352F06}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{08674ADB-3C06-4BE3-97F6-E2ADBD8990A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{04D563F0-CEE9-4E29-BE2B-60FEF10A5541}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{085D89E9-E240-48FA-8FED-BB976E333C14}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{EC45FF80-AEFD-4815-B0B5-E2FD99F68922}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{B16A1E83-0C62-4108-985D-6F22A8A1EA0C}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{14BC9BC5-70A9-4B90-94CB-FDD7950FECEC}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{C8F2EACB-1EF6-46E6-91EE-8E5C6C21A0D6}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{8B187259-77F4-478D-B678-785E76DD1F26}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{44D82364-FFFC-400B-B7B5-733C4B2F7C7D}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [UDP Query User{0F882048-C4FE-4DF3-B812-36FB4084E951}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [{3DC9AE62-FB28-4E66-8DE7-1BAEC8F3DC38}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{6F249070-D811-4F1B-81BF-46D8BBC430B5}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{5E83496F-6C7D-40F8-934B-D3E16E03ABC2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E0B35E98-6C91-4694-B7CA-7B64031A2352}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{BC56FE8A-9814-49CB-A052-6DE162FDAB66}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{D3C7D826-F7F9-41A5-868D-AE6A78A54545}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E0E18541-6D4E-4C4A-B47A-EDAB6F810687}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{BD654A1E-12B0-410E-9562-F017F2B0D1C2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{850EF7FF-98E4-4035-B8CA-CAD9F12EB9B7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{EC505964-89EE-46D0-BE0C-9270733DD2D7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{C85E21C8-7B83-42D2-A7CB-517C5A42089A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{4C982A6C-40EF-4B8D-BA57-737247439443}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{FF854E6D-838B-4CFD-B428-96E6C03955C2}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{3080ED08-68D2-4434-B463-31F0829D5C57}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{0FB14CF0-5EC7-4A33-8805-F1C7ABBC83F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robin Hood\Game.exe
FirewallRules: [{F9D18E7D-88D8-4DA9-AA86-E1A0761C1CB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robin Hood\Game.exe
FirewallRules: [{7B1AA95A-5CB4-4209-B870-6505F84EAF9D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{80A07D42-A5D2-4FB8-B88A-00083BA6A1C4}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{FDF8FC48-AAD3-4FF9-B218-17DCA7084643}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{E2D2D41D-91C7-4CBE-A3DB-D536EDEC0CC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{33E96D82-A6DF-4CA6-BF32-E0D236A70AB1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{83B5444B-7B87-42A0-8192-944E83F8C686}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{E88D0515-78B4-4A14-B448-67A4110D6384}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{24583F02-8FFB-4A0E-AF8D-11A49C99B702}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{39C67D94-C284-428A-A221-F14FB183F22E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{57CEB121-9C48-46BA-B641-8BD9A13D621A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{8AEF0984-E44E-4D96-9E8F-CF383B18F38E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{00D7BE10-88D6-4FD2-A7CC-B3631D48C76F}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9A83C9F6-3411-47BE-948F-C71825C91E1E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7610EB5C-A913-42E5-A748-550FE8487E66}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{AD1B67B2-18A1-4DA2-938A-696C6BBDBC53}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{09B256F3-00E6-4AA3-8D9F-26C7699F1B27}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{51A5DE7B-6249-461B-A393-D7EC64FC16DF}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{C05B2564-43EA-4AF9-928B-9FF82411EEC7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [{0537BE42-E69D-43C1-8E19-7221A081217E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{160F75A8-8602-493B-A1AB-7CCE463468FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{19AB8BB9-27D9-46DA-AB21-E26C1AA33254}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F622ECDB-83DF-49C2-A661-FDFC4D489B7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{CBBE6E22-604C-494F-B5EC-6453DB41E788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{094DA271-2F01-49DD-9340-F77720F8A401}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D267C006-CEEC-45DB-9272-8AA204A35598}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{35125DD3-9838-4295-B824-A971E3142C63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{89DFDDC3-3814-4BDA-9529-CF6A2BD2B48C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0EE36F49-98B1-4BA9-8770-3C2D7A7624E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{38D8AB72-BF51-4959-834A-9D8D9971ADC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{5B4DCE54-9522-4124-9DAC-FF984441538F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{CC93C886-82AF-4B42-B19B-9264D9FBAEF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CE11A368-1E38-4499-B9D3-AAEEFC5246C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{BB3CEA83-D707-4891-A460-DAF1F3DDA257}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{E6FD6227-4A26-4E3F-8AEA-898781A0643E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8B11E797-F5E0-4CDB-AF84-8E94F9AEB5E4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8A25334E-E0CE-4ED4-A713-F50E884F675C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7F5F96B5-161D-4BA4-8D71-8DE5699C04D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{445C4F02-F3F7-48C0-AD57-3C35E337447A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{94490761-87D5-41A3-BC3F-F0789FC0B4E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{44D2E310-3151-4974-9F09-31A009753BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{1AE3D3D1-F206-4B53-8BE4-79A391EB759F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{17F05295-6BDA-4386-9CC0-D34D15DCAD92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{B19FBD39-CBEB-4DCC-81ED-1EF49851786A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{EE7CFB01-3B91-4CCF-AAA4-0C28D5B1F074}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{E090A95C-0F23-4810-8F52-232ACEDEB2A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{AB5C2852-46CC-43BC-B80C-2D4B3329EA00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C0BF7C06-8285-4107-B89D-D533134DE9CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A1CC9A63-194B-4F2E-A038-B0D1F9FFE9C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A488EDEC-EA00-4565-AE98-F57D232AF1A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7807346-10C7-4E1E-A5AC-D74DEEBAECA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9160D2CE-813E-428C-BB47-356866C3C8A3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{4C236CF9-5EBF-49FC-99EB-52BDC44BDAB9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{8BA47B02-78DA-4B24-BE9D-C590187945CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C36F9056-19A1-4E35-82FF-2CB66292CF54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{4DAF9B9B-6ED1-4C17-9770-D260805155AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{79A46A44-BA6A-43ED-8EAC-46B81A7C831F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{6DDD82C5-D5A0-4ACB-B48C-91E2D19CF10F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C79BAE5-0F4E-4B21-8711-2F229F095C6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C40908D8-0704-4913-8A18-FB38BF7E0986}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1ADA4216-7045-4B9B-9F80-C4A13323DD96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{E95D7EBB-F4CC-4228-8B4B-1E185862EFDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{A4B67F11-63F7-4DD3-9C1B-98D2753C8C78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{53CD6ECA-5F09-4A7F-9AA9-59CA9C374D3E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{420B18FD-59BC-4288-B786-2A21FBF39ACC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E66CF74E-3CC5-4E86-A485-D4B624606890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5033324B-1B3B-44EB-89DA-B4A860E0C8B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{29303C93-E08D-4C9F-BEDE-A19081CF8830}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E58D77B1-3D23-488A-B17D-2FC442B0A125}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1F50237C-EC2A-4843-8A3D-7DA2D9650926}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{755070D3-2C10-4B68-BBFB-82DE52193E9D}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{C9C29B48-B679-456A-932E-73ECDAF9AF19}C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{C327C246-4D4B-4B6D-B88B-21C54DDF5F7A}C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{41F5A5D9-88C2-4ADB-A58A-06EB6F848DD7}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{8B9387F5-BD68-4E28-AAA1-B24C79F110B9}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{10E7F628-1402-479C-A961-E887C9B38A53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0D63A136-AE5A-4D90-A695-129571DDD848}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{02C3D6A5-1016-4DDD-BCFE-5AD9A1315418}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8AE84A07-8AF4-4993-BB40-0F876A0D090A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9A0238F0-6F7D-4CF4-8B39-BE3858E80BE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{735119DF-A94D-4630-BF1C-AC95F234096F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{B9C386D5-3FAE-4FA8-AB71-7FCC0AA34329}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [TCP Query User{B92396A2-7B01-4A11-82D8-68E30AF3CEE7}C:\program files (x86)\origin games\fifa 13\game\fifa13.exe] => (Allow) C:\program files (x86)\origin games\fifa 13\game\fifa13.exe
FirewallRules: [UDP Query User{7ABFB644-1681-4B2B-B313-3F1BD628C9D8}C:\program files (x86)\origin games\fifa 13\game\fifa13.exe] => (Allow) C:\program files (x86)\origin games\fifa 13\game\fifa13.exe
FirewallRules: [{5EB5F1F8-12DF-4783-9AC9-C781DE1B613E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C45077C7-D96F-4DF7-BF20-6B23A1AC267A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{457572F7-2C4F-44A4-89AF-B106168895A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{272E4608-DBF7-4A15-BA4E-F07A85A1BBDA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2B418507-F8F3-4C11-B47A-9BB11F2002A0}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{33A92FBE-29EC-4E6E-B193-B73FBAE128D2}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{0772C858-0EE7-4568-8CEE-68846B1F0AEF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{E48CA994-8F29-465B-AC8C-EE7C7C8662F2}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{11FDB9CC-E5C1-4340-B9A0-C96EF7C831F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{E7DB8F9A-3FA6-41D3-9813-E61D857E9A59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{CA78A739-2922-45AA-9095-1F663EA5E58B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4A4C3-DEA2-4A73-A53D-7FC06F6A5656}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4093C13-1DF3-4B1A-81C6-9FC1A1C70E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{EF511DC5-E231-42E1-9223-E31DD01B08C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{9D9A23CE-361C-473D-B074-233508412A48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{6C19E425-8499-4A5A-9CEF-7AF64F729994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [TCP Query User{9201E150-0CF9-4961-A6B3-2B5B925809CC}C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{E0680893-334E-4FE8-ADDE-CB4A7CFB46AF}C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe
FirewallRules: [{B8480CFC-B8FA-4DF3-8A73-577E470C433B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{4B15CDA3-339A-41F6-B8AA-53332ABD0B46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{89184A8D-BEBE-436E-ABA8-595B7E7ECA4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{CCEDABEA-E21E-487D-913A-583ACE18821C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{91AFD7F2-39D5-47B4-86E8-0C3C1EF4C800}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{ED6AB5A7-518A-4EED-A33C-AA239D5A33B4}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{7A7812F5-9CCA-4EF5-A262-6EDC78546F42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{ADFACD46-C8F5-45F1-8F28-FE236FCF79CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{07C8CB98-8ACE-4E9F-8400-5058734B9DAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{4D3C22B6-8EBC-44ED-A677-059AC60D76AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{9793939D-6DAF-40D2-86DB-C180BCB96528}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales of the Orient - The Rising Sun\TalesOfTheOrient-TheRisingSun.exe
FirewallRules: [{69BB40B8-59D9-447B-A988-6B0509C4EAAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales of the Orient - The Rising Sun\TalesOfTheOrient-TheRisingSun.exe
FirewallRules: [{FECAA364-0CCA-4AB8-AF70-AC4124441203}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{60245F9F-D853-4F8C-A1EF-51B5A7BF0E90}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{152FD951-05EC-4C09-AE69-9D9303838A67}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{609B4338-8621-4DE1-BBD0-7E7C02CD8E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Max\MadMax.exe
FirewallRules: [{FB9BF942-6083-4C7B-BFCD-26399C84D789}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Max\MadMax.exe
FirewallRules: [{15E342C7-D9AF-4BD3-84BD-440895F4AA58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{1D9A44FE-A8F9-42CD-90E2-F32144F63C3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{BBA069A1-B2DB-4854-BF7A-2CBE52D1DCE9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{6AFC638D-E140-4F23-8392-CF88063F2904}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:20:13 Automatic creation
12-04-2016 18:14:12 Automatic creation
13-04-2016 14:49:51 Automatic creation

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/14/2016 08:31:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 07:51:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 07:36:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19110, Zeitstempel: 0x568429dd
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000b16d
ID des fehlerhaften Prozesses: 0x179c
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (04/14/2016 07:29:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wmplayer.exe, Version 12.0.7601.18840 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 644

Startzeit: 01d196729af82e58

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 640957a1-0266-11e6-ba82-1c6f6593bd3c

Error: (04/14/2016 07:08:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.173.0, Zeitstempel: 0x56e065b4
Name des fehlerhaften Moduls: mbamcore.dll, Version: 1.3.24.0, Zeitstempel: 0x55e7e719
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000bd27f
ID des fehlerhaften Prozesses: 0x45c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (04/14/2016 05:35:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2057.3066, Zeitstempel: 0x56f3737e
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x56f36d49
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0x1530
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3

Error: (04/14/2016 05:34:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2016 02:49:50 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {97846349-5ebc-4960-94ae-09041214e9e4}

Error: (04/13/2016 02:23:11 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (04/13/2016 02:23:11 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)


Systemfehler:
=============
Error: (04/14/2016 08:43:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:42:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:42:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:41:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:41:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:40:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:40:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:39:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:39:00 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/14/2016 08:38:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126


CodeIntegrity:
===================================
  Date: 2016-04-14 17:47:58.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.816
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.723
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.660
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-21 20:10:57.679
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-21 20:10:57.566
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 960 @ 3.20GHz
Prozentuale Nutzung des RAM: 20%
Installierter physikalischer RAM: 16382.43 MB
Verfügbarer physikalischer RAM: 13005.14 MB
Summe virtueller Speicher: 32763.07 MB
Verfügbarer virtueller Speicher: 29336.38 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:165.06 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C93E8C22)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 17.04.2016, 23:42   #3
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's

Mehrere Anti-Virus-Programme

Code:
ATTFilter
Microsoft Security Essentials
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über die Systemsteuerung => Software.

Zitat:
Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."
An deiner Stelle würde ich Avira deinstallieren.

Schritt: 2

Zitat:
hat mir heute mehrere Dateien angezeigt mit einem Trojaner.Agent Befall.
Poste mir bitte die Logfiles dazu.

Bist du dir darüber hinaus sicher, dass nicht vlt. die Premium Version von deinem Malwarebytes ausgelaufen ist? Was passiert, wenn du den Schutz aktivieren möchtest?
__________________
__________________

Alt 18.04.2016, 07:48   #4
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Guten Morgen Rafael,

Danke erstmal das Du mir helfen möchtest und für Deine Antwort.

zu Deinen Punkten:

1. Mehrere Antivirus Programme:

Danke für den Hinweis.
Ich war mir gar nicht bewußt das es sich bei Microsoft Security Essentials um ein vollwertiges Antivirus Tool handelt.
Daher hatte ich auch noch die Premium Version von Avira installiert.

2. Virenbefall

Wie bereits geschrieben gibt es darüber leider / merkwürdigerweise kein Logfile.
Ich fasse das Geschehen noch einmal kurz für Dich zusammen.

Ich kam von der Arbeit nach Hause und meine Freundin sagte mir, das als Sie am Rechner war Malwarebytes eine Meldung gemacht hatte.
Ich öffnete also Malwarebytes und fand dort viele Dateien in Quarantäne vor mit dem Hinweis auf den Trojaner.Agent.
Leider habe ich aus Gewohnheit die Quarantäne dann direkt gelöscht.
Malwarebytes schlug in der Vergangenheit öfters mal an wegen temporärer Internetdateien aber meist nur harmlose Warnings keine Viren, wobei ich dann immer direkt die Quarantäne gelöscht hatte.
Erst nach dem Löschen fiel mir auf was ich da wirklich gelöscht hatte... die exe-Dateien von Steam, Origin, Firefox, Thunderbird, etc. waren betroffen. Alle Dateien nun nicht mehr vorhanden.
In Panik habe ich dann Malwarebytes noch einmal laufen lassen aber es wurde kein Fehler mehr angezeigt. Firefox, Thunderbird und Steam habe ich dann erneut installiert aber dann vielen mir Ungereimheiten am Rechner auf wieso ich aufgehört hatte und hier Hilfe erstmal gesucht habe.
Der Rechner ist erschreckend langsamer... und Malwarebytes funktioniert nicht mehr 100%.
Ich habe die Lifetime-Premium Version d.h. diese ist nicht abgelaufen.
Malwarebytes zeigt wir einen Fehler an - der Schutz für bösartige Webseiten ist deaktiviert. Ich klicke auf beheben, es geht für eine Sekunde an und direkt wieder aus.
Gleiches Verhalten wenn ich nicht den Beheben-Button sondern direkt aktivieren will.
Keine Chance das Programm vollständig zu starten.
In dem Addition Log ist fast ganz unten auch ein Eintrag / Fehler zu Malwarebytes zu finden (CodeIntegrity).
Ich befürchte das bei den Quarantäne-Files auch ggf. was von Malwarebytes dabei war?

Es sind gefühlt alle Programme, die ich in letzter Zeit genutzt hatte, betroffen.

Auch Apple Push z.B. ist betroffen - es kommt direkt bei Systemstart nun die Fehlermeldung MSVCP100.dll fehlt.

Programme, die ich in letzter Zeit nicht genutzt hatte - z.B. Internet Explorer lassen sich noch öffnen.

Bei Malwarebytes gibt es von den Scans nach dem Quarantänevorfall Logs... und dann von einem Tag davor... von dem Vorfall gibt es allerdings kein Log.


Ich hoffe Du hast eine Idee zur Problemlösung.
Ich hätte gerne Gewissheit das mein PC clean ist, bevor ich mich an die Reparaturen des Schadens mache.

Da ich über den Trojaner.Agent gelesen habe, das er auch Tastatur-Logging macht, habe ich von einem separaten Rechner aus bereits alle Passwörter für z.B. Mailkonten, etc. geändert.

Des weiteren habe ich auch den Rechner zur Sicherheit vom Netz genommen.
Die Festplatte war gefühlt mit eingestecktem DSL Kabel im Dauerbetrieb ...

Alt 18.04.2016, 12:25   #5
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Zitat:
Trojaner.Agent gelesen habe, das er auch Tastatur-Logging macht
Das ist so eine Aussage, wie zu sagen, alle Hunde haben schwarzes Fell.

Trojan.Agent heißt einfach "irgend ein" Trojaner, das ist nichts spezifisches

Schritt: 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt: 2
Folge mal bitte dieser Anleitung: http://anleitung.trojaner-board.de/z...inden-gehts_61

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 18.04.2016, 18:53   #6
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Hallo Rafael,

war mir nicht bewusst.
Als Unwissender sollte ich also nicht alles glauben was man so liest...
Danke für die Aufklärung.

Hier die gewünschten Logs zu den Schritten:

Schritt 1:

Code:
ATTFilter
19:09:12.0539 0x0de8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:09:17.0126 0x0de8  ============================================================
19:09:17.0126 0x0de8  Current date / time: 2016/04/18 19:09:17.0126
19:09:17.0126 0x0de8  SystemInfo:
19:09:17.0126 0x0de8  
19:09:17.0126 0x0de8  OS Version: 6.1.7601 ServicePack: 1.0
19:09:17.0126 0x0de8  Product type: Workstation
19:09:17.0126 0x0de8  ComputerName: PREDATOR
19:09:17.0126 0x0de8  UserName: Miika
19:09:17.0126 0x0de8  Windows directory: C:\Windows
19:09:17.0126 0x0de8  System windows directory: C:\Windows
19:09:17.0126 0x0de8  Running under WOW64
19:09:17.0126 0x0de8  Processor architecture: Intel x64
19:09:17.0126 0x0de8  Number of processors: 8
19:09:17.0126 0x0de8  Page size: 0x1000
19:09:17.0126 0x0de8  Boot type: Normal boot
19:09:17.0126 0x0de8  ============================================================
19:09:21.0182 0x0de8  KLMD registered as C:\Windows\system32\drivers\01432160.sys
19:09:22.0632 0x0de8  System UUID: {374DC7C3-3E0E-7A51-327B-0C0EE89BBC5C}
19:09:23.0584 0x0de8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:09:23.0600 0x0de8  ============================================================
19:09:23.0600 0x0de8  \Device\Harddisk0\DR0:
19:09:23.0615 0x0de8  MBR partitions:
19:09:23.0615 0x0de8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:09:23.0615 0x0de8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:09:23.0615 0x0de8  ============================================================
19:09:23.0646 0x0de8  C: <-> \Device\Harddisk0\DR0\Partition2
19:09:23.0646 0x0de8  ============================================================
19:09:23.0646 0x0de8  Initialize success
19:09:23.0646 0x0de8  ============================================================
19:11:52.0149 0x0e38  ============================================================
19:11:52.0149 0x0e38  Scan started
19:11:52.0149 0x0e38  Mode: Manual; SigCheck; TDLFS; 
19:11:52.0149 0x0e38  ============================================================
19:11:52.0149 0x0e38  KSN ping started
19:11:54.0629 0x0e38  KSN ping finished: true
19:11:55.0799 0x0e38  ================ Scan system memory ========================
19:11:55.0799 0x0e38  System memory - ok
19:11:55.0799 0x0e38  ================ Scan services =============================
19:11:55.0940 0x0e38  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
19:11:56.0080 0x0e38  1394ohci - ok
19:11:56.0111 0x0e38  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:11:56.0127 0x0e38  ACPI - ok
19:11:56.0189 0x0e38  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:11:56.0267 0x0e38  AcpiPmi - ok
19:11:56.0345 0x0e38  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:11:56.0376 0x0e38  AdobeARMservice - ok
19:11:56.0454 0x0e38  AdobeFlashPlayerUpdateSvc - ok
19:11:56.0501 0x0e38  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:11:56.0517 0x0e38  adp94xx - ok
19:11:56.0532 0x0e38  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:11:56.0548 0x0e38  adpahci - ok
19:11:56.0564 0x0e38  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:11:56.0579 0x0e38  adpu320 - ok
19:11:56.0610 0x0e38  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:11:56.0657 0x0e38  AeLookupSvc - ok
19:11:56.0704 0x0e38  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
19:11:56.0829 0x0e38  AFD - ok
19:11:56.0844 0x0e38  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:11:56.0860 0x0e38  agp440 - ok
19:11:56.0891 0x0e38  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:11:56.0938 0x0e38  ALG - ok
19:11:56.0969 0x0e38  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:11:57.0000 0x0e38  aliide - ok
19:11:57.0032 0x0e38  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:11:57.0063 0x0e38  amdide - ok
19:11:57.0078 0x0e38  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:11:57.0125 0x0e38  AmdK8 - ok
19:11:57.0125 0x0e38  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:11:57.0156 0x0e38  AmdPPM - ok
19:11:57.0188 0x0e38  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:11:57.0219 0x0e38  amdsata - ok
19:11:57.0219 0x0e38  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:11:57.0250 0x0e38  amdsbs - ok
19:11:57.0250 0x0e38  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:11:57.0266 0x0e38  amdxata - ok
19:11:57.0390 0x0e38  [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
19:11:57.0453 0x0e38  AntiVirMailService - ok
19:11:57.0531 0x0e38  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
19:11:57.0546 0x0e38  AntiVirSchedulerService - ok
19:11:57.0593 0x0e38  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
19:11:57.0624 0x0e38  AntiVirService - ok
19:11:57.0687 0x0e38  [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
19:11:57.0718 0x0e38  AntiVirWebService - ok
19:11:57.0765 0x0e38  [ 4FC6E2C2FC50445450651F42E90CC0BD, BC04902B1A5A5C3354E1C4A5C69906ED7DF19F90286BE1AC4E4224E05ED36184 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
19:11:57.0796 0x0e38  Apowersoft_AudioDevice - ok
19:11:57.0843 0x0e38  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
19:11:57.0936 0x0e38  AppID - ok
19:11:57.0952 0x0e38  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:11:57.0999 0x0e38  AppIDSvc - ok
19:11:58.0014 0x0e38  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
19:11:58.0077 0x0e38  Appinfo - ok
19:11:58.0170 0x0e38  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:11:58.0202 0x0e38  Apple Mobile Device Service - ok
19:11:58.0233 0x0e38  [ A632D9EA15F37D2605A7FCAF3892EC96, 65645A5C7C986B468F806399C770893F53C1DDA8309BF4A04EFEEB0EFD8110C8 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
19:11:58.0264 0x0e38  AppleCharger - ok
19:11:58.0264 0x0e38  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
19:11:58.0311 0x0e38  AppleChargerSrv - ok
19:11:58.0311 0x0e38  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
19:11:58.0326 0x0e38  arc - ok
19:11:58.0342 0x0e38  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:11:58.0358 0x0e38  arcsas - ok
19:11:58.0436 0x0e38  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:11:58.0498 0x0e38  aspnet_state - ok
19:11:58.0514 0x0e38  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:11:58.0623 0x0e38  AsyncMac - ok
19:11:58.0654 0x0e38  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:11:58.0670 0x0e38  atapi - ok
19:11:58.0748 0x0e38  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:11:58.0841 0x0e38  AudioEndpointBuilder - ok
19:11:58.0872 0x0e38  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:11:58.0888 0x0e38  AudioSrv - ok
19:11:58.0935 0x0e38  [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:11:58.0950 0x0e38  avgntflt - ok
19:11:58.0982 0x0e38  [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:11:59.0013 0x0e38  avipbb - ok
19:11:59.0044 0x0e38  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:11:59.0060 0x0e38  avkmgr - ok
19:11:59.0106 0x0e38  [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
19:11:59.0122 0x0e38  avnetflt - ok
19:11:59.0153 0x0e38  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:11:59.0216 0x0e38  AxInstSV - ok
19:11:59.0247 0x0e38  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:11:59.0294 0x0e38  b06bdrv - ok
19:11:59.0325 0x0e38  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:11:59.0356 0x0e38  b57nd60a - ok
19:11:59.0434 0x0e38  [ 2E552B658273B90251E0441631DE2CA3, EE6D42A9D95E8D53B5DBF9A3F195C63505CCB9C59C63E4BF7014CDC528217723 ] BcmSqlStartupSvc C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
19:11:59.0465 0x0e38  BcmSqlStartupSvc - ok
19:11:59.0481 0x0e38  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:11:59.0512 0x0e38  BDESVC - ok
19:11:59.0528 0x0e38  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:11:59.0590 0x0e38  Beep - ok
19:11:59.0621 0x0e38  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:11:59.0684 0x0e38  BFE - ok
19:11:59.0762 0x0e38  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:11:59.0902 0x0e38  BITS - ok
19:11:59.0918 0x0e38  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:11:59.0949 0x0e38  blbdrive - ok
19:12:00.0027 0x0e38  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:12:00.0042 0x0e38  Bonjour Service - ok
19:12:00.0074 0x0e38  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:12:00.0120 0x0e38  bowser - ok
19:12:00.0136 0x0e38  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:12:00.0152 0x0e38  BrFiltLo - ok
19:12:00.0167 0x0e38  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:12:00.0198 0x0e38  BrFiltUp - ok
19:12:00.0230 0x0e38  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:12:00.0276 0x0e38  Browser - ok
19:12:00.0276 0x0e38  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:12:00.0308 0x0e38  Brserid - ok
19:12:00.0323 0x0e38  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:12:00.0339 0x0e38  BrSerWdm - ok
19:12:00.0370 0x0e38  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:12:00.0386 0x0e38  BrUsbMdm - ok
19:12:00.0401 0x0e38  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:12:00.0417 0x0e38  BrUsbSer - ok
19:12:00.0432 0x0e38  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:12:00.0448 0x0e38  BTHMODEM - ok
19:12:00.0464 0x0e38  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:12:00.0495 0x0e38  bthserv - ok
19:12:00.0526 0x0e38  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:12:00.0542 0x0e38  cdfs - ok
19:12:00.0573 0x0e38  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:12:00.0588 0x0e38  cdrom - ok
19:12:00.0588 0x0e38  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:12:00.0635 0x0e38  CertPropSvc - ok
19:12:00.0651 0x0e38  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:12:00.0666 0x0e38  circlass - ok
19:12:00.0713 0x0e38  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:12:00.0713 0x01b4  Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
19:12:00.0729 0x0e38  CLFS - ok
19:12:00.0776 0x0e38  [ FE1C81A049E5C5D67C4AB7C31C899F6F, 27E1C2AEAF3F3CA4BD5010C81C05C87B7B473A89FC7F1F6CB3C6F64123F219FD ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe
19:12:00.0838 0x0e38  CLKMSVC10_9EC60124 - ok
19:12:00.0885 0x0e38  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:00.0900 0x0e38  clr_optimization_v2.0.50727_32 - ok
19:12:00.0947 0x0e38  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:12:00.0978 0x0e38  clr_optimization_v2.0.50727_64 - ok
19:12:01.0056 0x0e38  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:01.0119 0x0e38  clr_optimization_v4.0.30319_32 - ok
19:12:01.0150 0x0e38  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:12:01.0181 0x0e38  clr_optimization_v4.0.30319_64 - ok
19:12:01.0197 0x0e38  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:12:01.0212 0x0e38  CmBatt - ok
19:12:01.0228 0x0e38  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:12:01.0244 0x0e38  cmdide - ok
19:12:01.0275 0x0e38  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
19:12:01.0306 0x0e38  CNG - ok
19:12:01.0322 0x0e38  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:12:01.0322 0x0e38  Compbatt - ok
19:12:01.0337 0x0e38  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:12:01.0353 0x0e38  CompositeBus - ok
19:12:01.0353 0x0e38  COMSysApp - ok
19:12:01.0353 0x0e38  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:12:01.0368 0x0e38  crcdisk - ok
19:12:01.0400 0x0e38  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:12:01.0431 0x0e38  CryptSvc - ok
19:12:01.0462 0x0e38  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:12:01.0493 0x0e38  DcomLaunch - ok
19:12:01.0524 0x0e38  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:12:01.0571 0x0e38  defragsvc - ok
19:12:01.0602 0x0e38  [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3, A7340F79E5C4066D378A1E25230A9DED57626BD102E55D04A413FB60B912F772 ] DES2 Service    C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
19:12:01.0618 0x0e38  DES2 Service - ok
19:12:01.0634 0x0e38  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:12:01.0665 0x0e38  DfsC - ok
19:12:01.0727 0x0e38  [ E0FB647661B59632E3987D40D6F75281, D999CE7FDC788A217E128F059A05216BACD2FD26207362469C55D477C6E0A3EE ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
19:12:01.0758 0x0e38  dg_ssudbus - ok
19:12:01.0790 0x0e38  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:12:01.0852 0x0e38  Dhcp - ok
19:12:01.0946 0x0e38  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:12:02.0024 0x0e38  DiagTrack - ok
19:12:02.0117 0x0e38  [ 68BFCCC1EC25F0F942EA32AD9D67A131, CF19DA2816262D9D532249970581E55DF595A5FD0ABE44C5124A40F42A9B28B4 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
19:12:02.0148 0x0e38  DigitalWave.Update.Service - ok
19:12:02.0164 0x0e38  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:12:02.0195 0x0e38  discache - ok
19:12:02.0242 0x0e38  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
19:12:02.0242 0x0e38  Disk - ok
19:12:02.0273 0x0e38  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:12:02.0304 0x0e38  Dnscache - ok
19:12:02.0320 0x0e38  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:12:02.0367 0x0e38  dot3svc - ok
19:12:02.0398 0x0e38  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:12:02.0414 0x0e38  DPS - ok
19:12:02.0445 0x0e38  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:12:02.0507 0x0e38  drmkaud - ok
19:12:02.0570 0x0e38  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:12:02.0601 0x0e38  DXGKrnl - ok
19:12:02.0601 0x0e38  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:12:02.0648 0x0e38  EapHost - ok
19:12:02.0757 0x0e38  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:12:02.0897 0x0e38  ebdrv - ok
19:12:02.0928 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS             C:\Windows\System32\lsass.exe
19:12:02.0960 0x0e38  EFS - ok
19:12:03.0038 0x0e38  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:12:03.0100 0x0e38  ehRecvr - ok
19:12:03.0131 0x0e38  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:12:03.0162 0x0e38  ehSched - ok
19:12:03.0194 0x0e38  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:12:03.0209 0x0e38  elxstor - ok
19:12:03.0240 0x0e38  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:12:03.0256 0x0e38  ErrDev - ok
19:12:03.0287 0x0e38  [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv           C:\Windows\etdrv.sys
19:12:03.0287 0x01b4  Object send P2P result: true
19:12:03.0303 0x0e38  etdrv - ok
19:12:03.0318 0x0e38  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:12:03.0350 0x0e38  EventSystem - ok
19:12:03.0365 0x0e38  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:12:03.0396 0x0e38  exfat - ok
19:12:03.0412 0x0e38  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:12:03.0443 0x0e38  fastfat - ok
19:12:03.0474 0x0e38  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:12:03.0537 0x0e38  Fax - ok
19:12:03.0537 0x0e38  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
19:12:03.0568 0x0e38  fdc - ok
19:12:03.0599 0x0e38  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:12:03.0615 0x0e38  fdPHost - ok
19:12:03.0630 0x0e38  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:12:03.0662 0x0e38  FDResPub - ok
19:12:03.0677 0x0e38  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:12:03.0693 0x0e38  FileInfo - ok
19:12:03.0693 0x0e38  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:12:03.0724 0x0e38  Filetrace - ok
19:12:03.0771 0x0e38  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:12:03.0802 0x0e38  flpydisk - ok
19:12:03.0833 0x0e38  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:12:03.0849 0x0e38  FltMgr - ok
19:12:03.0927 0x0e38  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
19:12:03.0974 0x0e38  FontCache - ok
19:12:04.0005 0x0e38  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:12:04.0020 0x0e38  FontCache3.0.0.0 - ok
19:12:04.0036 0x0e38  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:12:04.0052 0x0e38  FsDepends - ok
19:12:04.0083 0x0e38  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:12:04.0098 0x0e38  Fs_Rec - ok
19:12:04.0130 0x0e38  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:12:04.0145 0x0e38  fvevol - ok
19:12:04.0161 0x0e38  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:12:04.0176 0x0e38  gagp30kx - ok
19:12:04.0208 0x0e38  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
19:12:04.0223 0x0e38  gdrv - ok
19:12:04.0254 0x0e38  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:12:04.0254 0x0e38  GEARAspiWDM - ok
19:12:04.0379 0x0e38  [ E6057C066C7FECB49D4A27CFC4558C8E, F9E9498D4E924E6169CFDAE7E893B6F26014E9C24B833AE23BBBF9D568CB4057 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:12:04.0410 0x0e38  GfExperienceService - ok
19:12:04.0442 0x0e38  [ B1C9B932F5A728800AB9C2C88C92594A, 74290A76EECB5B25C1F36DC9FD20EC80E9C60E569D42BA02F6568F75D0269EEA ] Gizmo Central   C:\Program Files (x86)\Gizmo\gservice.exe
19:12:04.0473 0x0e38  Gizmo Central - ok
19:12:04.0488 0x0e38  [ 4CF044DB46F79BFA47FBDFD35192D765, 8520DBAAB9BD148296B468D972BA51B3B2C829355E6109EE190CB7965873DF8D ] GizmoDrv        C:\Windows\system32\drivers\GizmoDrv.sys
19:12:04.0520 0x0e38  GizmoDrv - ok
19:12:04.0551 0x0e38  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:12:04.0598 0x0e38  gpsvc - ok
19:12:04.0629 0x0e38  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
19:12:04.0660 0x0e38  GVTDrv64 - ok
19:12:04.0676 0x0e38  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:12:04.0691 0x0e38  hcw85cir - ok
19:12:04.0738 0x0e38  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:12:04.0769 0x0e38  HdAudAddService - ok
19:12:04.0800 0x0e38  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:12:04.0832 0x0e38  HDAudBus - ok
19:12:04.0847 0x0e38  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:12:04.0878 0x0e38  HidBatt - ok
19:12:04.0894 0x0e38  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:12:04.0910 0x0e38  HidBth - ok
19:12:04.0925 0x0e38  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:12:04.0956 0x0e38  HidIr - ok
19:12:04.0972 0x0e38  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:12:05.0019 0x0e38  hidserv - ok
19:12:05.0081 0x0e38  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:12:05.0112 0x0e38  HidUsb - ok
19:12:05.0175 0x0e38  [ 34E95DE386032FD7F14C228DD8E1CDBF, 148D46F79D223340D4FE9B3EF2B40BABF2204CA1E60348F3375D2BC5E08CE53B ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
19:12:05.0206 0x0e38  HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
19:12:07.0811 0x0e38  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
19:12:10.0292 0x0e38  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:12:10.0354 0x0e38  hkmsvc - ok
19:12:10.0385 0x0e38  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:12:10.0448 0x0e38  HomeGroupListener - ok
19:12:10.0463 0x0e38  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:12:10.0510 0x0e38  HomeGroupProvider - ok
19:12:10.0526 0x0e38  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:12:10.0541 0x0e38  HpSAMD - ok
19:12:10.0588 0x0e38  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:12:10.0619 0x0e38  HTTP - ok
19:12:10.0635 0x0e38  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:12:10.0635 0x0e38  hwpolicy - ok
19:12:10.0650 0x0e38  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:12:10.0666 0x0e38  i8042prt - ok
19:12:10.0682 0x0e38  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:12:10.0713 0x0e38  iaStorV - ok
19:12:10.0744 0x0e38  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:12:10.0760 0x0e38  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:12:13.0193 0x0e38  Detect skipped due to KSN trusted
19:12:13.0193 0x0e38  IDriverT - ok
19:12:13.0256 0x0e38  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:12:13.0287 0x0e38  idsvc - ok
19:12:13.0318 0x0e38  IEEtwCollectorService - ok
19:12:13.0334 0x0e38  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:12:13.0349 0x0e38  iirsp - ok
19:12:13.0412 0x0e38  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:12:13.0443 0x0e38  IKEEXT - ok
19:12:13.0552 0x0e38  [ 163F94EBF8F8A98616A6B804AF08D736, A0EDDB0FB39C1FED1ADFC59C694D8D3A2AF80B1C2B83849D949BC051D2B97F87 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:12:13.0599 0x0e38  IntcAzAudAddService - ok
19:12:13.0630 0x0e38  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:12:13.0646 0x0e38  intelide - ok
19:12:13.0661 0x0e38  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:12:13.0708 0x0e38  intelppm - ok
19:12:13.0739 0x0e38  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:12:13.0786 0x0e38  IPBusEnum - ok
19:12:13.0786 0x0e38  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:12:13.0817 0x0e38  IpFilterDriver - ok
19:12:13.0848 0x0e38  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:12:13.0880 0x0e38  iphlpsvc - ok
19:12:13.0895 0x0e38  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:12:13.0911 0x0e38  IPMIDRV - ok
19:12:13.0911 0x0e38  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:12:13.0942 0x0e38  IPNAT - ok
19:12:14.0020 0x0e38  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:12:14.0067 0x0e38  iPod Service - ok
19:12:14.0067 0x0e38  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:12:14.0098 0x0e38  IRENUM - ok
19:12:14.0114 0x0e38  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:12:14.0129 0x0e38  isapnp - ok
19:12:14.0160 0x0e38  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:12:14.0176 0x0e38  iScsiPrt - ok
19:12:14.0254 0x0e38  [ F3A41EC4C6506E76E07A219B3A1DF8D2, B34FDAA453E6E089374B33533A89F76DEE1C2D14F9939AF3669B6F33FA41DD76 ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
19:12:14.0285 0x0e38  JMB36X - ok
19:12:14.0301 0x0e38  [ 1C368C1A2733DCC5B8E15420AA2B0F6D, C43A3534E33CEAEB8359D493FDB4663CB7C1E9286862B2CEE2788E9EA060DF1D ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
19:12:14.0332 0x0e38  JRAID - ok
19:12:14.0348 0x0e38  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:12:14.0363 0x0e38  kbdclass - ok
19:12:14.0379 0x0e38  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:12:14.0410 0x0e38  kbdhid - ok
19:12:14.0426 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] KeyIso          C:\Windows\system32\lsass.exe
19:12:14.0441 0x0e38  KeyIso - ok
19:12:14.0472 0x0e38  [ 0F776895884B8DC430A307D57FD867BB, F9E8C8A04D757CEAD86938BEEFFAD9750589037E16FB1A2B0A90E4484E1A6B65 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:12:14.0472 0x0e38  KSecDD - ok
19:12:14.0488 0x0e38  [ 28E75F316CCCD79337E4957C53017D4B, 3BABDA50B4CE72F7F9A0FD7A33DDB19463A01F188D46354E0B411FC0389C01BE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:12:14.0504 0x0e38  KSecPkg - ok
19:12:14.0519 0x0e38  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:12:14.0535 0x0e38  ksthunk - ok
19:12:14.0566 0x0e38  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:12:14.0613 0x0e38  KtmRm - ok
19:12:14.0628 0x0e38  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:12:14.0675 0x0e38  LanmanServer - ok
19:12:14.0691 0x0e38  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:14.0722 0x0e38  LanmanWorkstation - ok
19:12:14.0738 0x0e38  [ 17203D81A68D9162DB9022A1FC601778, 7D4D4018D6BC95604003F15B792EAB061EF7CA9BC8443E32B99185D89095EA28 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:12:14.0738 0x0e38  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
19:12:17.0265 0x0e38  Detect skipped due to KSN trusted
19:12:17.0265 0x0e38  LightScribeService - ok
19:12:17.0358 0x0e38  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:12:17.0405 0x0e38  lltdio - ok
19:12:17.0436 0x0e38  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:12:17.0483 0x0e38  lltdsvc - ok
19:12:17.0483 0x0e38  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:12:17.0499 0x0e38  lmhosts - ok
19:12:17.0530 0x0e38  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:12:17.0546 0x0e38  LSI_FC - ok
19:12:17.0561 0x0e38  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:12:17.0577 0x0e38  LSI_SAS - ok
19:12:17.0577 0x0e38  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:12:17.0592 0x0e38  LSI_SAS2 - ok
19:12:17.0608 0x0e38  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:12:17.0624 0x0e38  LSI_SCSI - ok
19:12:17.0624 0x0e38  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:12:17.0655 0x0e38  luafv - ok
19:12:17.0748 0x0e38  [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
19:12:17.0780 0x0e38  LVRS64 - ok
19:12:17.0920 0x0e38  [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
19:12:18.0123 0x0e38  LVUVC64 - ok
19:12:18.0185 0x0e38  [ 1239597BAB7EED2BB16D035AF87E65D9, 67A4F1C8BA77502404629C3411BA76729435012CFA6D7794C46F31BBC118064E ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
19:12:18.0216 0x0e38  mbamchameleon - ok
19:12:18.0248 0x0e38  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:12:18.0279 0x0e38  MBAMProtector - ok
19:12:18.0357 0x0e38  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
19:12:18.0388 0x0e38  MBAMScheduler - ok
19:12:18.0450 0x0e38  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:12:18.0482 0x0e38  MBAMService - ok
19:12:18.0497 0x0e38  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
19:12:18.0513 0x0e38  MBAMSwissArmy - ok
19:12:18.0528 0x0e38  MBAMWebAccessControl - ok
19:12:18.0544 0x0e38  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:12:18.0544 0x0e38  Mcx2Svc - ok
19:12:18.0560 0x0e38  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:12:18.0575 0x0e38  megasas - ok
19:12:18.0606 0x0e38  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:12:18.0622 0x0e38  MegaSR - ok
19:12:18.0669 0x0e38  Microsoft SharePoint Workspace Audit Service - ok
19:12:18.0700 0x0e38  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:12:18.0762 0x0e38  MMCSS - ok
19:12:18.0778 0x0e38  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:12:18.0794 0x0e38  Modem - ok
19:12:18.0825 0x0e38  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:12:18.0856 0x0e38  monitor - ok
19:12:18.0887 0x0e38  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:12:18.0903 0x0e38  mouclass - ok
19:12:18.0918 0x0e38  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:12:18.0950 0x0e38  mouhid - ok
19:12:18.0996 0x0e38  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:12:19.0012 0x0e38  mountmgr - ok
19:12:19.0043 0x0e38  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:12:19.0090 0x0e38  MozillaMaintenance - ok
19:12:19.0137 0x0e38  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:12:19.0184 0x0e38  MpFilter - ok
19:12:19.0199 0x0e38  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:12:19.0215 0x0e38  mpio - ok
19:12:19.0230 0x0e38  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:12:19.0262 0x0e38  mpsdrv - ok
19:12:19.0293 0x0e38  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:12:19.0340 0x0e38  MpsSvc - ok
19:12:19.0355 0x0e38  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:12:19.0402 0x0e38  MRxDAV - ok
19:12:19.0418 0x0e38  [ 32B85C4923D895B2FB35821A799BA38D, 7A7E5D08F745DB9B498B4BE946325FF7DAA7FA27589D9423FCA4558D20780026 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:19.0480 0x0e38  mrxsmb - ok
19:12:19.0511 0x0e38  [ A572BEF41F3C55D7DAF24D2340C91FEC, 1E51EEFEABCDCB664CD39437C2275B160860FB433EAA8DC905D5BC742FD03529 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:19.0542 0x0e38  mrxsmb10 - ok
19:12:19.0574 0x0e38  [ C49F1C4CA74FC52AFB2E892D8E50EA39, 9E7A2453627A82AFF4CE3F285AFF105C3F92F423C07E5C43E76BEC523841B8F7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:19.0605 0x0e38  mrxsmb20 - ok
19:12:19.0636 0x0e38  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:12:19.0652 0x0e38  msahci - ok
19:12:19.0652 0x0e38  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:12:19.0683 0x0e38  msdsm - ok
19:12:19.0683 0x0e38  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:12:19.0714 0x0e38  MSDTC - ok
19:12:19.0730 0x0e38  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:12:19.0761 0x0e38  Msfs - ok
19:12:19.0761 0x0e38  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:12:19.0792 0x0e38  mshidkmdf - ok
19:12:19.0792 0x0e38  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:12:19.0808 0x0e38  msisadrv - ok
19:12:19.0839 0x0e38  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:12:19.0870 0x0e38  MSiSCSI - ok
19:12:19.0870 0x0e38  msiserver - ok
19:12:19.0901 0x0e38  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:12:19.0917 0x0e38  MSKSSRV - ok
19:12:20.0010 0x0e38  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:12:20.0026 0x0e38  MsMpSvc - ok
19:12:20.0026 0x0e38  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:20.0057 0x0e38  MSPCLOCK - ok
19:12:20.0073 0x0e38  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:12:20.0088 0x0e38  MSPQM - ok
19:12:20.0104 0x0e38  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:12:20.0120 0x0e38  MsRPC - ok
19:12:20.0135 0x0e38  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:12:20.0135 0x0e38  mssmbios - ok
19:12:20.0213 0x0e38  MSSQL$MSSMLBIZ - ok
19:12:20.0307 0x0e38  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
19:12:20.0338 0x0e38  MSSQLServerADHelper100 - ok
19:12:20.0338 0x0e38  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:12:20.0385 0x0e38  MSTEE - ok
19:12:20.0385 0x0e38  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:12:20.0400 0x0e38  MTConfig - ok
19:12:20.0416 0x0e38  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:12:20.0416 0x0e38  Mup - ok
19:12:20.0432 0x0e38  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:12:20.0494 0x0e38  napagent - ok
19:12:20.0541 0x0e38  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:12:20.0572 0x0e38  NativeWifiP - ok
19:12:20.0650 0x0e38  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:12:20.0697 0x0e38  NDIS - ok
19:12:20.0728 0x0e38  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:12:20.0775 0x0e38  NdisCap - ok
19:12:20.0775 0x0e38  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:20.0837 0x0e38  NdisTapi - ok
19:12:20.0853 0x0e38  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:20.0900 0x0e38  Ndisuio - ok
19:12:20.0915 0x0e38  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:20.0962 0x0e38  NdisWan - ok
19:12:20.0993 0x0e38  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:12:21.0024 0x0e38  NDProxy - ok
19:12:21.0024 0x0e38  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:12:21.0056 0x0e38  NetBIOS - ok
19:12:21.0071 0x0e38  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:12:21.0102 0x0e38  NetBT - ok
19:12:21.0102 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] Netlogon        C:\Windows\system32\lsass.exe
19:12:21.0118 0x0e38  Netlogon - ok
19:12:21.0149 0x0e38  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:12:21.0165 0x0e38  Netman - ok
19:12:21.0274 0x0e38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:21.0321 0x0e38  NetMsmqActivator - ok
19:12:21.0321 0x0e38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:21.0336 0x0e38  NetPipeActivator - ok
19:12:21.0368 0x0e38  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:12:21.0399 0x0e38  netprofm - ok
19:12:21.0414 0x0e38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:21.0414 0x0e38  NetTcpActivator - ok
19:12:21.0430 0x0e38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:21.0430 0x0e38  NetTcpPortSharing - ok
19:12:21.0446 0x0e38  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:12:21.0461 0x0e38  nfrd960 - ok
19:12:21.0492 0x0e38  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:12:21.0524 0x0e38  NisDrv - ok
19:12:21.0586 0x0e38  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
19:12:21.0617 0x0e38  NisSrv - ok
19:12:21.0648 0x0e38  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:12:21.0680 0x0e38  NlaSvc - ok
19:12:21.0680 0x0e38  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:12:21.0726 0x0e38  Npfs - ok
19:12:21.0742 0x0e38  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:12:21.0789 0x0e38  nsi - ok
19:12:21.0789 0x0e38  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:12:21.0820 0x0e38  nsiproxy - ok
19:12:21.0914 0x0e38  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:12:22.0007 0x0e38  Ntfs - ok
19:12:22.0023 0x0e38  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:12:22.0038 0x0e38  Null - ok
19:12:22.0070 0x0e38  [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:12:22.0085 0x0e38  nusb3hub - ok
19:12:22.0101 0x0e38  [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:12:22.0116 0x0e38  nusb3xhc - ok
19:12:22.0148 0x0e38  [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
19:12:22.0163 0x0e38  NVHDA - ok
19:12:22.0491 0x0e38  [ 616D9A6F59FA604612E4B25AAF36BFCA, 6634F3091A07E2BE0E38622C604BE7589020D9FA47A0A15A3161CA0BBAECB33D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:12:22.0725 0x0e38  nvlddmkm - ok
19:12:22.0834 0x0e38  [ AF9BDCDDDDDDF7D99F821E1F96AA5C6A, 1FCF538F7B08BABD8AB8545C1868CA791F3641E69CB28D98209A17D03D836892 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:12:22.0881 0x0e38  NvNetworkService - ok
19:12:22.0896 0x0e38  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:12:22.0912 0x0e38  nvraid - ok
19:12:22.0928 0x0e38  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:12:22.0943 0x0e38  nvstor - ok
19:12:23.0021 0x0e38  [ CE7D19D5865937045DBF7FB87675BCCC, 6B05319F7501C5481763D950652187DE1AFEA84A68A496D3D7D8F0D2D47532D2 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:12:23.0037 0x0e38  NvStreamKms - ok
19:12:23.0193 0x0e38  [ C2E5FC52454CD0FB19426632A491C34D, 29462AE92824718C061C215BF4DC584D4BA7F0E18DD44E0F9162F93014E5B537 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:12:23.0255 0x0e38  NvStreamNetworkSvc - ok
19:12:23.0364 0x0e38  [ D1837C396165D1B5A0811A3B39071F97, 9AB66A86F8B94874162C6E4EF1843AA34F8979324B391289B2F494B7BDAED3E2 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:12:23.0411 0x0e38  NvStreamSvc - ok
19:12:23.0458 0x0e38  [ 4DFABFC1A31FDE2BDB0AB577CD313D70, 1A517D4FED4B0B8BA1365EF6839BB006EF5E7C4CCC630470B8E239753FC5394F ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:12:23.0505 0x0e38  nvsvc - ok
19:12:23.0552 0x0e38  [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:12:23.0583 0x0e38  nvvad_WaveExtensible - ok
19:12:23.0598 0x0e38  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:12:23.0630 0x0e38  nv_agp - ok
19:12:23.0645 0x0e38  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:12:23.0692 0x0e38  ohci1394 - ok
19:12:23.0817 0x0e38  [ EABD6FC38504B46913E2B1B739DAD185, A6225F8A939E6DA467777F85FAB02A218FB4B7ECDF68C34FE156E85BEA6E04BB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:12:23.0926 0x0e38  Origin Client Service - ok
19:12:23.0988 0x0e38  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:12:24.0020 0x0e38  ose - ok
19:12:24.0191 0x0e38  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:12:24.0378 0x0e38  osppsvc - ok
19:12:24.0410 0x0e38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:12:24.0425 0x0e38  p2pimsvc - ok
19:12:24.0441 0x0e38  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:12:24.0472 0x0e38  p2psvc - ok
19:12:24.0488 0x0e38  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
19:12:24.0519 0x0e38  Parport - ok
19:12:24.0566 0x0e38  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:12:24.0566 0x0e38  partmgr - ok
19:12:24.0597 0x0e38  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:12:24.0659 0x0e38  PcaSvc - ok
19:12:24.0675 0x0e38  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:12:24.0706 0x0e38  pci - ok
19:12:24.0753 0x0e38  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:12:24.0768 0x0e38  pciide - ok
19:12:24.0784 0x0e38  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:12:24.0800 0x0e38  pcmcia - ok
19:12:24.0815 0x0e38  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:12:24.0831 0x0e38  pcw - ok
19:12:24.0878 0x0e38  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:12:24.0909 0x0e38  PEAUTH - ok
19:12:24.0956 0x0e38  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:12:24.0971 0x0e38  PerfHost - ok
19:12:25.0018 0x0e38  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:12:25.0080 0x0e38  pla - ok
19:12:25.0127 0x0e38  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:12:25.0158 0x0e38  PlugPlay - ok
19:12:25.0158 0x0e38  PnkBstrA - ok
19:12:25.0190 0x0e38  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:12:25.0221 0x0e38  PNRPAutoReg - ok
19:12:25.0236 0x0e38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:12:25.0268 0x0e38  PNRPsvc - ok
19:12:25.0299 0x0e38  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:12:25.0346 0x0e38  PolicyAgent - ok
19:12:25.0392 0x0e38  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:12:25.0424 0x0e38  Power - ok
19:12:25.0439 0x0e38  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:12:25.0470 0x0e38  PptpMiniport - ok
19:12:25.0486 0x0e38  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
19:12:25.0517 0x0e38  Processor - ok
19:12:25.0580 0x0e38  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:12:25.0611 0x0e38  ProfSvc - ok
19:12:25.0626 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:25.0642 0x0e38  ProtectedStorage - ok
19:12:25.0658 0x0e38  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:12:25.0689 0x0e38  Psched - ok
19:12:25.0751 0x0e38  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:12:25.0814 0x0e38  ql2300 - ok
19:12:25.0829 0x0e38  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:12:25.0845 0x0e38  ql40xx - ok
19:12:25.0892 0x0e38  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:12:25.0923 0x0e38  QWAVE - ok
19:12:25.0923 0x0e38  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:12:25.0938 0x0e38  QWAVEdrv - ok
19:12:25.0954 0x0e38  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:12:25.0985 0x0e38  RasAcd - ok
19:12:26.0001 0x0e38  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:26.0016 0x0e38  RasAgileVpn - ok
19:12:26.0032 0x0e38  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:12:26.0079 0x0e38  RasAuto - ok
19:12:26.0079 0x0e38  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:26.0110 0x0e38  Rasl2tp - ok
19:12:26.0126 0x0e38  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:12:26.0157 0x0e38  RasMan - ok
19:12:26.0204 0x0e38  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:26.0250 0x0e38  RasPppoe - ok
19:12:26.0266 0x0e38  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:12:26.0297 0x0e38  RasSstp - ok
19:12:26.0313 0x0e38  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:12:26.0344 0x0e38  rdbss - ok
19:12:26.0344 0x0e38  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
19:12:26.0375 0x0e38  rdpbus - ok
19:12:26.0391 0x0e38  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:26.0406 0x0e38  RDPCDD - ok
19:12:26.0422 0x0e38  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:12:26.0453 0x0e38  RDPENCDD - ok
19:12:26.0453 0x0e38  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:12:26.0484 0x0e38  RDPREFMP - ok
19:12:26.0562 0x0e38  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:12:26.0594 0x0e38  RdpVideoMiniport - ok
19:12:26.0640 0x0e38  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:12:26.0672 0x0e38  RDPWD - ok
19:12:26.0687 0x0e38  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:12:26.0703 0x0e38  rdyboost - ok
19:12:26.0718 0x0e38  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:12:26.0750 0x0e38  RemoteAccess - ok
19:12:26.0765 0x0e38  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:12:26.0796 0x0e38  RemoteRegistry - ok
19:12:26.0828 0x0e38  [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:12:26.0843 0x0e38  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
19:12:29.0277 0x0e38  Detect skipped due to KSN trusted
19:12:29.0277 0x0e38  RichVideo - ok
19:12:29.0292 0x0e38  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:12:29.0339 0x0e38  RpcEptMapper - ok
19:12:29.0355 0x0e38  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:12:29.0370 0x0e38  RpcLocator - ok
19:12:29.0402 0x0e38  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:12:29.0433 0x0e38  RpcSs - ok
19:12:29.0448 0x0e38  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:12:29.0464 0x0e38  rspndr - ok
19:12:29.0495 0x0e38  [ 7EA8D2EB9BBFD2AB8A3117A1E96D3B3A, 9F6CFBE7E64A63E0AFEF546C4B8D889657B2055CE80279EA1B63EB5650E730F8 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:12:29.0526 0x0e38  RTL8167 - ok
19:12:29.0542 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs           C:\Windows\system32\lsass.exe
19:12:29.0558 0x0e38  SamSs - ok
19:12:29.0573 0x0e38  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:12:29.0589 0x0e38  sbp2port - ok
19:12:29.0604 0x0e38  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:12:29.0636 0x0e38  SCardSvr - ok
19:12:29.0636 0x0e38  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:12:29.0667 0x0e38  scfilter - ok
19:12:29.0760 0x0e38  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:12:29.0807 0x0e38  Schedule - ok
19:12:29.0823 0x0e38  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:12:29.0854 0x0e38  SCPolicySvc - ok
19:12:29.0870 0x0e38  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:12:29.0885 0x0e38  SDRSVC - ok
19:12:29.0901 0x0e38  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:12:29.0932 0x0e38  secdrv - ok
19:12:29.0948 0x0e38  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:12:29.0979 0x0e38  seclogon - ok
19:12:29.0994 0x0e38  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:12:30.0026 0x0e38  SENS - ok
19:12:30.0041 0x0e38  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:12:30.0057 0x0e38  SensrSvc - ok
19:12:30.0072 0x0e38  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:12:30.0088 0x0e38  Serenum - ok
19:12:30.0088 0x0e38  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
19:12:30.0104 0x0e38  Serial - ok
19:12:30.0104 0x0e38  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:12:30.0119 0x0e38  sermouse - ok
19:12:30.0135 0x0e38  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:12:30.0182 0x0e38  SessionEnv - ok
19:12:30.0197 0x0e38  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:12:30.0228 0x0e38  sffdisk - ok
19:12:30.0244 0x0e38  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:12:30.0260 0x0e38  sffp_mmc - ok
19:12:30.0275 0x0e38  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:12:30.0291 0x0e38  sffp_sd - ok
19:12:30.0291 0x0e38  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:12:30.0322 0x0e38  sfloppy - ok
19:12:30.0353 0x0e38  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:12:30.0384 0x0e38  SharedAccess - ok
19:12:30.0416 0x0e38  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:12:30.0447 0x0e38  ShellHWDetection - ok
19:12:30.0478 0x0e38  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:12:30.0494 0x0e38  SiSRaid2 - ok
19:12:30.0509 0x0e38  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:12:30.0525 0x0e38  SiSRaid4 - ok
19:12:30.0572 0x0e38  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:12:30.0618 0x0e38  SkypeUpdate - ok
19:12:30.0696 0x0e38  [ 101556F6216E97F1258D87C38203695F, 49506CC2BB4630EB016CE806B3FFEDA183D17D16FFD04FC5A7850E5660C0C1E2 ] Smart TimeLock  C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
19:12:30.0728 0x0e38  Smart TimeLock - detected UnsignedFile.Multi.Generic ( 1 )
19:12:33.0099 0x0e38  Detect skipped due to KSN trusted
19:12:33.0099 0x0e38  Smart TimeLock - ok
19:12:33.0130 0x0e38  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:12:33.0161 0x0e38  Smb - ok
19:12:33.0177 0x0e38  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:12:33.0208 0x0e38  SNMPTRAP - ok
19:12:33.0224 0x0e38  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:12:33.0224 0x0e38  spldr - ok
19:12:33.0286 0x0e38  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:12:33.0317 0x0e38  Spooler - ok
19:12:33.0411 0x0e38  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:12:33.0504 0x0e38  sppsvc - ok
19:12:33.0520 0x0e38  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:12:33.0551 0x0e38  sppuinotify - ok
19:12:33.0676 0x0e38  [ 8211A6F40B5EA8BF21C41F34C2895A6C, F394A78F80B0D7DA043AF39E99B2C16EA0CBF4AD4BFD61CFBA5ED08FB25E11C4 ] SQLAgent$MSSMLBIZ C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE
19:12:33.0723 0x0e38  SQLAgent$MSSMLBIZ - ok
19:12:33.0816 0x0e38  [ 10D936DCED9EACD1A1B3FCDDA6D7A4EB, EE66162AEAF6A583A04BB5AF1220318C9ADD3A62987CDCEE0505C6FF37AB30FF ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
19:12:33.0848 0x0e38  SQLBrowser - ok
19:12:33.0941 0x0e38  [ F92E5F93BE572B512DA3C016B675EDE0, 3BBE8B952A329E4BCD6F0C8D6225F809B99217A196301B6FE543B26C3689A37B ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
19:12:33.0972 0x0e38  SQLWriter - ok
19:12:34.0004 0x0e38  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:12:34.0019 0x0e38  srv - ok
19:12:34.0050 0x0e38  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:12:34.0082 0x0e38  srv2 - ok
19:12:34.0097 0x0e38  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:12:34.0128 0x0e38  srvnet - ok
19:12:34.0160 0x0e38  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:12:34.0206 0x0e38  SSDPSRV - ok
19:12:34.0269 0x0e38  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
19:12:34.0284 0x0e38  SSPORT - ok
19:12:34.0300 0x0e38  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:12:34.0347 0x0e38  SstpSvc - ok
19:12:34.0394 0x0e38  [ 6A87E01028D7594BD58EB47DABD8CEAE, 2D0B1E9CD01FB90B92F4D8C0AF878BBDD3D9F978E11C06D3C6E06B39F352B58B ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
19:12:34.0425 0x0e38  ssudmdm - ok
19:12:34.0487 0x0e38  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:12:34.0534 0x0e38  Steam Client Service - ok
19:12:34.0612 0x0e38  [ F5EA06095E2AF5E45AD454677FBF6BEC, 1C30F64A57115396C89E46AE9282540A4E773F6A09E342A82702F96959BD8DC0 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:12:34.0643 0x0e38  Stereo Service - ok
19:12:34.0659 0x0e38  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:12:34.0674 0x0e38  stexstor - ok
19:12:34.0752 0x0e38  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:12:34.0784 0x0e38  stisvc - ok
19:12:34.0799 0x0e38  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:12:34.0815 0x0e38  swenum - ok
19:12:34.0830 0x0e38  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:12:34.0862 0x0e38  swprv - ok
19:12:34.0924 0x0e38  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
19:12:34.0986 0x0e38  SysMain - ok
19:12:35.0002 0x0e38  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:12:35.0033 0x0e38  TabletInputService - ok
19:12:35.0049 0x0e38  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:12:35.0080 0x0e38  TapiSrv - ok
19:12:35.0080 0x0e38  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:12:35.0111 0x0e38  TBS - ok
19:12:35.0189 0x0e38  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:12:35.0252 0x0e38  Tcpip - ok
19:12:35.0298 0x0e38  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:12:35.0345 0x0e38  TCPIP6 - ok
19:12:35.0376 0x0e38  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:12:35.0423 0x0e38  tcpipreg - ok
19:12:35.0439 0x0e38  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:12:35.0486 0x0e38  TDPIPE - ok
19:12:35.0501 0x0e38  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:12:35.0532 0x0e38  TDTCP - ok
19:12:35.0579 0x0e38  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:12:35.0610 0x0e38  tdx - ok
19:12:35.0626 0x0e38  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:12:35.0642 0x0e38  TermDD - ok
19:12:35.0704 0x0e38  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:12:35.0782 0x0e38  TermService - ok
19:12:35.0782 0x0e38  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:12:35.0798 0x0e38  Themes - ok
19:12:35.0829 0x0e38  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:12:35.0844 0x0e38  THREADORDER - ok
19:12:35.0860 0x0e38  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:12:35.0891 0x0e38  TrkWks - ok
19:12:35.0922 0x0e38  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:12:35.0954 0x0e38  TrustedInstaller - ok
19:12:35.0969 0x0e38  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:35.0985 0x0e38  tssecsrv - ok
19:12:36.0032 0x0e38  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:12:36.0063 0x0e38  TsUsbFlt - ok
19:12:36.0078 0x0e38  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:12:36.0141 0x0e38  TsUsbGD - ok
19:12:36.0156 0x0e38  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:12:36.0203 0x0e38  tunnel - ok
19:12:36.0234 0x0e38  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:12:36.0234 0x0e38  uagp35 - ok
19:12:36.0266 0x0e38  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:12:36.0297 0x0e38  udfs - ok
19:12:36.0328 0x0e38  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:12:36.0344 0x0e38  UI0Detect - ok
19:12:36.0344 0x0e38  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:12:36.0359 0x0e38  uliagpkx - ok
19:12:36.0390 0x0e38  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:12:36.0406 0x0e38  umbus - ok
19:12:36.0437 0x0e38  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:12:36.0484 0x0e38  UmPass - ok
19:12:36.0500 0x0e38  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:12:36.0546 0x0e38  upnphost - ok
19:12:36.0578 0x0e38  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:12:36.0671 0x0e38  USBAAPL64 - ok
19:12:36.0734 0x0e38  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:12:36.0796 0x0e38  usbaudio - ok
19:12:36.0827 0x0e38  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:12:36.0843 0x0e38  usbccgp - ok
19:12:36.0890 0x0e38  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:12:36.0921 0x0e38  usbcir - ok
19:12:36.0952 0x0e38  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:12:36.0968 0x0e38  usbehci - ok
19:12:36.0999 0x0e38  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:12:37.0030 0x0e38  usbhub - ok
19:12:37.0061 0x0e38  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:12:37.0092 0x0e38  usbohci - ok
19:12:37.0092 0x0e38  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:12:37.0124 0x0e38  usbprint - ok
19:12:37.0139 0x0e38  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:12:37.0170 0x0e38  usbscan - ok
19:12:37.0202 0x0e38  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:12:37.0233 0x0e38  USBSTOR - ok
19:12:37.0264 0x0e38  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
19:12:37.0280 0x0e38  usbuhci - ok
19:12:37.0311 0x0e38  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:12:37.0326 0x0e38  usbvideo - ok
19:12:37.0342 0x0e38  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:12:37.0358 0x0e38  UxSms - ok
19:12:37.0373 0x0e38  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] VaultSvc        C:\Windows\system32\lsass.exe
19:12:37.0373 0x0e38  VaultSvc - ok
19:12:37.0389 0x0e38  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:12:37.0404 0x0e38  vdrvroot - ok
19:12:37.0420 0x0e38  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:12:37.0451 0x0e38  vds - ok
19:12:37.0467 0x0e38  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:12:37.0467 0x0e38  vga - ok
19:12:37.0482 0x0e38  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:12:37.0529 0x0e38  VgaSave - ok
19:12:37.0545 0x0e38  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:12:37.0560 0x0e38  vhdmp - ok
19:12:37.0592 0x0e38  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:12:37.0607 0x0e38  viaide - ok
19:12:37.0607 0x0e38  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:12:37.0623 0x0e38  volmgr - ok
19:12:37.0638 0x0e38  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:12:37.0654 0x0e38  volmgrx - ok
19:12:37.0670 0x0e38  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:12:37.0685 0x0e38  volsnap - ok
19:12:37.0716 0x0e38  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:12:37.0748 0x0e38  vsmraid - ok
19:12:37.0794 0x0e38  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:12:37.0857 0x0e38  VSS - ok
19:12:37.0857 0x0e38  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:12:37.0872 0x0e38  vwifibus - ok
19:12:37.0904 0x0e38  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:12:37.0950 0x0e38  W32Time - ok
19:12:37.0966 0x0e38  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:12:37.0982 0x0e38  WacomPen - ok
19:12:37.0997 0x0e38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:12:38.0028 0x0e38  WANARP - ok
19:12:38.0028 0x0e38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:12:38.0060 0x0e38  Wanarpv6 - ok
19:12:38.0106 0x0e38  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:12:38.0153 0x0e38  wbengine - ok
19:12:38.0169 0x0e38  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:12:38.0216 0x0e38  WbioSrvc - ok
19:12:38.0231 0x0e38  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:12:38.0247 0x0e38  wcncsvc - ok
19:12:38.0262 0x0e38  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:12:38.0309 0x0e38  WcsPlugInService - ok
19:12:38.0325 0x0e38  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
19:12:38.0340 0x0e38  Wd - ok
19:12:38.0418 0x0e38  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:12:38.0450 0x0e38  Wdf01000 - ok
19:12:38.0496 0x0e38  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:12:38.0528 0x0e38  WdiServiceHost - ok
19:12:38.0528 0x0e38  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:12:38.0559 0x0e38  WdiSystemHost - ok
19:12:38.0590 0x0e38  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
19:12:38.0621 0x0e38  WebClient - ok
19:12:38.0637 0x0e38  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:12:38.0684 0x0e38  Wecsvc - ok
19:12:38.0699 0x0e38  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:12:38.0746 0x0e38  wercplsupport - ok
19:12:38.0777 0x0e38  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:12:38.0824 0x0e38  WerSvc - ok
19:12:38.0840 0x0e38  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:12:38.0871 0x0e38  WfpLwf - ok
19:12:38.0886 0x0e38  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:12:38.0886 0x0e38  WIMMount - ok
19:12:38.0918 0x0e38  WinDefend - ok
19:12:38.0918 0x0e38  WinHttpAutoProxySvc - ok
19:12:38.0964 0x0e38  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:12:38.0996 0x0e38  Winmgmt - ok
19:12:39.0089 0x0e38  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:12:39.0198 0x0e38  WinRM - ok
19:12:39.0245 0x0e38  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:12:39.0276 0x0e38  WinUsb - ok
19:12:39.0339 0x0e38  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:12:39.0417 0x0e38  Wlansvc - ok
19:12:39.0510 0x0e38  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:12:39.0573 0x0e38  wlidsvc - ok
19:12:39.0573 0x0e38  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:12:39.0588 0x0e38  WmiAcpi - ok
19:12:39.0604 0x0e38  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:12:39.0620 0x0e38  wmiApSrv - ok
19:12:39.0635 0x0e38  WMPNetworkSvc - ok
19:12:39.0635 0x0e38  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:12:39.0666 0x0e38  WPCSvc - ok
19:12:39.0682 0x0e38  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:12:39.0698 0x0e38  WPDBusEnum - ok
19:12:39.0713 0x0e38  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:12:39.0744 0x0e38  ws2ifsl - ok
19:12:39.0744 0x0e38  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:12:39.0760 0x0e38  wscsvc - ok
19:12:39.0776 0x0e38  WSearch - ok
19:12:39.0869 0x0e38  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:12:39.0932 0x0e38  wuauserv - ok
19:12:39.0978 0x0e38  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:12:40.0025 0x0e38  WudfPf - ok
19:12:40.0041 0x0e38  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:12:40.0072 0x0e38  WUDFRd - ok
19:12:40.0103 0x0e38  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:12:40.0119 0x0e38  wudfsvc - ok
19:12:40.0166 0x0e38  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:12:40.0181 0x0e38  WwanSvc - ok
19:12:40.0228 0x0e38  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
19:12:40.0275 0x0e38  xnacc - ok
19:12:40.0322 0x0e38  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
19:12:40.0400 0x0e38  xusb21 - ok
19:12:40.0415 0x0e38  ================ Scan global ===============================
19:12:40.0446 0x0e38  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:12:40.0478 0x0e38  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
19:12:40.0509 0x0e38  [ CE14A4BBF890A7D4C898CF886D145EC9, AD4BE7CBB0C624EC00E8496AF33AC5AB8C5689C75C66C4C99F2FB7149E912D18 ] C:\Windows\system32\winsrv.dll
19:12:40.0524 0x0e38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:12:40.0571 0x0e38  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:12:40.0587 0x0e38  [ Global ] - ok
19:12:40.0587 0x0e38  ================ Scan MBR ==================================
19:12:40.0602 0x0e38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:12:40.0821 0x0e38  \Device\Harddisk0\DR0 - ok
19:12:40.0821 0x0e38  ================ Scan VBR ==================================
19:12:40.0821 0x0e38  [ ED289590EC074E8B784C32751393E713 ] \Device\Harddisk0\DR0\Partition1
19:12:40.0836 0x0e38  \Device\Harddisk0\DR0\Partition1 - ok
19:12:40.0836 0x0e38  [ 2DE52B91E071663597F09E2DD8B37D4A ] \Device\Harddisk0\DR0\Partition2
19:12:40.0883 0x0e38  \Device\Harddisk0\DR0\Partition2 - ok
19:12:40.0883 0x0e38  ================ Scan generic autorun ======================
19:12:41.0148 0x0e38  [ F307D8899CF550145304126B5E9619DF, 4758E2DC545AC62660F089868D611E65315D5CB13AE9A952A14FBA6A0F8A486F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:12:41.0304 0x0e38  RtHDVCpl - ok
19:12:41.0351 0x0e38  [ 4B5F92605D77D07041D8C05955A4B0B3, BA8E2AB779CC4FCA64DB54452E4D8543AA91305BA448E41D04132E5B760FD0E4 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
19:12:41.0382 0x0e38  CDAServer - detected UnsignedFile.Multi.Generic ( 1 )
19:12:43.0769 0x0e38  Detect skipped due to KSN trusted
19:12:43.0769 0x0e38  CDAServer - ok
19:12:43.0863 0x0e38  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
19:12:43.0910 0x0e38  MSC - ok
19:12:44.0019 0x0e38  [ EEE565252F4585B2DD840C8CE871C6C0, AF1FBA9CBBA218F1C511282242A647AC3462D1D83FA9209F1FEBFBD39E68FC2F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:12:44.0066 0x0e38  NvBackend - ok
19:12:44.0097 0x0e38  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:12:44.0112 0x0e38  ShadowPlay - ok
19:12:44.0175 0x0e38  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
19:12:44.0206 0x0e38  iTunesHelper - ok
19:12:44.0237 0x0e38  [ 17D9440D55500418C8FDB8EF1390C5AD, C4C57AE427FB89EFDFC1D111C300BB588E475BE90DD57084C03399557641F948 ] C:\Windows\RaidTool\xInsIDE.exe
19:12:44.0253 0x0e38  JMB36X IDE Setup - ok
19:12:44.0268 0x0e38  [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
19:12:44.0284 0x0e38  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
19:12:46.0640 0x0e78  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
19:12:46.0655 0x0e38  Detect skipped due to KSN trusted
19:12:46.0655 0x0e38  NUSB3MON - ok
19:12:46.0671 0x0e38  [ 9E279D1BC39F5C6C530F0A0DB1D2DC98, A8CBB368E306DD72671B63A25C595E0F360768CBBB5C42C01899343BB7B79023 ] C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe
19:12:46.0702 0x0e38  EasyTuneVI - detected UnsignedFile.Multi.Generic ( 1 )
19:12:49.0120 0x0e38  Detect skipped due to KSN trusted
19:12:49.0120 0x0e38  EasyTuneVI - ok
19:12:49.0151 0x0e38  [ D2AEADFD998706B4216315B2BD3FA79E, D45634355B7733F9B6754A6FB80B7EC20C0D584A08E2F710DF612B393D96A8F9 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
19:12:49.0167 0x0e38  ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
19:12:49.0167 0x0e78  Object send P2P result: true
19:12:49.0167 0x0e78  Object required for P2P: [ 4DFABFC1A31FDE2BDB0AB577CD313D70 ] nvsvc
19:12:51.0678 0x0e38  Detect skipped due to KSN trusted
19:12:51.0678 0x0e38  ISUSScheduler - ok
19:12:51.0694 0x0e78  Object send P2P result: true
19:12:51.0694 0x0e78  Object required for P2P: [ EABD6FC38504B46913E2B1B739DAD185 ] Origin Client Service
19:12:51.0725 0x0e38  [ E971C2901BC0E9934D01D84AD127FAAF, 2DC4B1D898430CD152B16D0909C9DEF252579F91E093632E78D47F77CBFDC843 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:12:51.0756 0x0e38  APSDaemon - ok
19:12:51.0788 0x0e38  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
19:12:51.0819 0x0e38  UpdateLBPShortCut - ok
19:12:51.0866 0x0e38  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
19:12:51.0897 0x0e38  MDS_Menu - ok
19:12:51.0928 0x0e38  [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
19:12:51.0959 0x0e38  CLMLServer - ok
19:12:51.0975 0x0e38  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
19:12:52.0006 0x0e38  UpdateP2GoShortCut - ok
19:12:52.0037 0x0e38  [ F5FBA8724DE219E96D9ABAF4772D31A3, C36CF6E40F831E01BA029B571EFCB46C5EA5A11750D13FE979DDFAE8B916AFFB ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
19:12:52.0053 0x0e38  RemoteControl9 - ok
19:12:52.0068 0x0e38  [ E1C08EB06B71738B938EAA39B5433514, 3393E5CC446EE264864DE4DD751519515A860575A7FB84BF556B05325EE92D89 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
19:12:52.0084 0x0e38  BDRegion - ok
19:12:52.0115 0x0e38  [ 9ACFD9D5E12D849B28C78FED6D620EB3, 203D1EECFB44BA7D3936AAA2280B1D88207BA7655AB735C17BF9F3AAF3D8A803 ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
19:12:52.0146 0x0e38  UpdatePPShortCut - ok
19:12:52.0178 0x0e38  [ 5C5D40DDDE89190B2B3A19EDAC1CCF55, F758814890FF749E33BD9839B0F3FEFA797E5FA1EB96BC39FAA308B4BEC4CD78 ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
19:12:52.0209 0x0e38  UCam_Menu - ok
19:12:52.0256 0x0e38  [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe
19:12:52.0271 0x0e38  LGODDFU - ok
19:12:52.0302 0x0e38  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe
19:12:52.0349 0x0e38  UpdatePSTShortCut - ok
19:12:52.0365 0x0e38  [ EBC0E8C0A4DDA2C32A7D5863462A321A, 2F410138DB66D0219254339F1F098E401CEDAA032596F1F67BC54F394256FC68 ] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
19:12:52.0380 0x0e38  amd_dc_opt - detected UnsignedFile.Multi.Generic ( 1 )
19:12:54.0221 0x0e78  Object send P2P result: true
19:12:54.0798 0x0e38  Detect skipped due to KSN trusted
19:12:54.0798 0x0e38  amd_dc_opt - ok
19:12:54.0876 0x0e38  [ 8FFDB89A0FB7C8ABC3A8825E38047341, B9107FAA3A885CD9A08C20F78D31C3642FA76812E417F41C4F2ADF7D90CA8C72 ] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
19:12:54.0908 0x0e38  LWS - ok
19:12:54.0970 0x0e38  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
19:12:55.0001 0x0e38  BCSSync - ok
19:12:55.0329 0x0e38  [ D488FB11A9A9056FD536E6FCE92C7F12, DB5B04909639FDB48885B4A1F02125D40DD79FEA109F3915C4AFE5941B51CC35 ] C:\Program Files (x86)\Microsoft Lync\communicator.exe
19:12:55.0563 0x0e38  Communicator - ok
19:12:55.0641 0x0e38  [ 659B1B0F2EB9C34FDCCE2FF970D92789, D38D6A38363D675EFF4B93F7AF4EA84C518A48A3F96992FF5D67077718B332D6 ] C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
19:12:55.0672 0x0e38  STO Backup Service - ok
19:12:55.0750 0x0e38  [ 01E599BDB3FA17E9798213A655338C6E, 7E0DB69A6D3E40A797E508D07FB4BC6E76239447E7EE838C332D9639C6E8EAD2 ] C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe
19:12:55.0781 0x0e38  STO Launcher Service - ok
19:12:55.0859 0x0e38  [ 28EB4C759947F12633FCB4BB2AD2AD74, 1454A75E72DE7F7BE4B1281C66D2D0E869D1EB56204EEA9ABE857454461C8447 ] C:\Program Files (x86)\Skiller Pro\Monitor.exe
19:12:55.0906 0x0e38  Skiller Pro - detected UnsignedFile.Multi.Generic ( 1 )
19:12:58.0433 0x0e38  Skiller Pro ( UnsignedFile.Multi.Generic ) - warning
19:13:00.0898 0x0e38  [ F9E8AA93B4C2B1BD0EFF4F8C50D273C4, 5D9CDCECBA53EF99915399AE1210935161FCA43451733CFAEF52723E460B7155 ] C:\Program Files (x86)\PDF24\pdf24.exe
19:13:00.0929 0x0e38  PDFPrint - ok
19:13:00.0992 0x0db0  Object required for P2P: [ D488FB11A9A9056FD536E6FCE92C7F12 ] C:\Program Files (x86)\Microsoft Lync\communicator.exe
19:13:01.0085 0x0e38  [ AA4DB6C85236FFA95A40F5120FA3D46A, 81ECCCB83C71FF4283B093C501FCDB3E487D4F3548BBCB7788FE4944B70D19DF ] C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe
19:13:01.0179 0x0e38  SL-6397 Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
19:13:03.0566 0x0db0  Object send P2P result: true
19:13:03.0597 0x0e38  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - warning
19:13:03.0597 0x0e38  Force sending object to P2P due to detect: C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe
19:13:06.0124 0x0e38  Object send P2P result: true
19:13:08.0636 0x0e38  [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
19:13:08.0682 0x0e38  avgnt - ok
19:13:08.0745 0x0e38  [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:13:08.0792 0x0e38  SunJavaUpdateSched - ok
19:13:08.0854 0x0e38  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:13:08.0916 0x0e38  Sidebar - ok
19:13:08.0932 0x0e38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:13:08.0963 0x0e38  mctadmin - ok
19:13:08.0994 0x0e38  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:13:09.0026 0x0e38  Sidebar - ok
19:13:09.0026 0x0e38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:13:09.0041 0x0e38  mctadmin - ok
19:13:09.0057 0x0e38  [ A379B75A6FFE4DFD3184F35F0141CE91, C777B01B4361456D4D829E96723C85CCDC2E3647C4CF25894AC83100552E36AB ] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
19:13:09.0072 0x0e38  ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
19:13:11.0600 0x0e38  Detect skipped due to KSN trusted
19:13:11.0600 0x0e38  ISUSPM Startup - ok
19:13:11.0678 0x0e38  [ 131376E3926395D76525566632F2B1E5, 7D37FA6BF1FA85E22257573E45657D539DED7750C5E84E6B3E6A8405C0ADC6D4 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
19:13:11.0756 0x0e38  LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
19:13:14.0158 0x0e38  Detect skipped due to KSN trusted
19:13:14.0158 0x0e38  LightScribe Control Panel - ok
19:13:14.0220 0x0e38  Dropbox Update - ok
19:13:14.0361 0x0e38  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] C:\Program Files (x86)\Steam\steam.exe
19:13:14.0439 0x0e38  Steam - ok
19:13:14.0470 0x0e38  [ 11E00E1BC0ABE850F0932B7FACB0F7F7, 7FA6279DE30A7DAFA9180ED62F2D5395D7E9D071419BA9AB51F3C7D46AB8623A ] C:\Program Files (x86)\Gizmo\gizmo.exe
19:13:14.0501 0x0e38  GizmoDriveDelegate - ok
19:13:14.0501 0x0e38  Waiting for KSN requests completion. In queue: 8
19:13:15.0515 0x0e38  Waiting for KSN requests completion. In queue: 2
19:13:16.0529 0x0e38  Waiting for KSN requests completion. In queue: 2
19:13:17.0574 0x0e38  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
19:13:17.0574 0x0e38  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
19:13:17.0590 0x0e38  Win FW state via NFP2: enabled ( trusted )
19:13:20.0008 0x0e38  ============================================================
19:13:20.0008 0x0e38  Scan finished
19:13:20.0008 0x0e38  ============================================================
19:13:20.0008 0x168c  Detected object count: 3
19:13:20.0008 0x168c  Actual detected object count: 3
19:14:39.0860 0x168c  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:39.0860 0x168c  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:14:39.0860 0x168c  Skiller Pro ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:39.0860 0x168c  Skiller Pro ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:14:39.0860 0x168c  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - skipped by user
19:14:39.0860 0x168c  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 18.04.2016, 18:53   #7
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



und hier Schritt 2:

Code:
ATTFilter
----------------------------------------------------------------------------
CrystalDiskInfo 6.8.1 (C) 2008-2016 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
  Date : 2016/04/18 19:48:51

-- Controller Map ----------------------------------------------------------
 + Standard-Zweikanal-PCI-IDE-Controller [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + Intel(R) ICH10 Family 4 port Serial ATA Storage Controller 1 - 3A20 [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + Intel(R) ICH10 Family 2 port Serial ATA Storage Controller 2 - 3A26 [ATA]
   - ATA Channel 0 (0)
   + ATA Channel 1 (1)
     - HL-DT-ST BD-RE  BH10LS30 ATA Device
     - WDC WD1002FAEX-00Z3A0 ATA Device
 - GIGABYTE GBB36X Controller [SCSI]
 - GIGABYTE GBB36X Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) WDC WD1002FAEX-00Z3A0 : 1000,2 GB [0/5/0, pd1] - wd

----------------------------------------------------------------------------
 (1) WDC WD1002FAEX-00Z3A0
----------------------------------------------------------------------------
           Model : WDC WD1002FAEX-00Z3A0
        Firmware : 05.01D05
   Serial Number : WD-WCATR9532685
       Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
     Buffer Size : Unbekannt
     Queue Depth : 32
    # of Sectors : 1953525168
   Rotation Rate : Unbekannt
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ----
   Transfer Mode : SATA/300 | SATA/600
  Power On Hours : 11721 Std.
  Power On Count : 1995 mal
     Temperature : 35 C (95 F)
   Health Status : Gut
        Features : S.M.A.R.T., 48bit LBA, NCQ
       APM Level : ----
       AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Lesefehlerrate ↓
03 183 176 _21 000000000EE8 Mittl. Anlaufzeit ↓
04 _98 _98 __0 0000000007DB Start/Stopp-Zyklen d. Spindel
05 200 200 140 000000000000 Anz. wiederzugewiesener Sektoren ↓
07 200 200 __0 000000000000 Anz. Suchfehler
09 _84 _84 __0 000000002DC9 Betriebsstunden
0A 100 100 __0 000000000000 Anz. misslungener Spindelanläufe ↓
0B 100 100 __0 000000000000 Anz. notwendiger Rekalibrierungen ↓
0C _99 _99 __0 0000000007CB Anz. Geräte-Einschaltvorgänge
C0 200 200 __0 000000000024 Ausschaltungsabbrüche ↓
C1 200 200 __0 0000000007B6 Laden/Entladen-Zyklen ↓
C2 112 101 __0 000000000023 Temperatur ↓
C4 200 200 __0 000000000000 Wiederzuweisungsereignisse ↓
C5 200 200 __0 000000000000 Aktuell schwebende Sektoren ↓
C6 200 200 __0 000000000000 Nicht korrigierbare Sektoren ↓
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler ↓
C8 200 200 __0 000000000000 Schreibfehlerrate ↓

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5743 4154 5239 3533 3236 3835
020: 0000 0000 0032 3035 2E30 3144 3035 5744 4320 5744
030: 3130 3032 4641 4558 2D30 305A 3341 3020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 170E 0004 0044 0040
080: 01FE 0000 746B 7D61 4123 7469 BC41 4123 207F 0058
090: 0058 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 0000 0000 5001 4EE2
110: B117 D6DD 0000 0000 0000 0000 0000 0000 0000 4018
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 16E2 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3037 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CAA5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B7 B0 E8 0E 00 00 00 00 00 04 32 00 62 62 DB
020: 07 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2E 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 54 54 C9 2D 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 63 63 CB 07 00 00 00 00 00 C0 32
070: 00 C8 C8 24 00 00 00 00 00 00 C1 32 00 C8 C8 B6
080: 07 00 00 00 00 00 C2 22 00 70 65 23 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 C8 C8 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 84 00 F8 43 01 7B
170: 03 00 01 00 02 C9 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 00 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 5D
         

Alt 19.04.2016, 00:45   #8
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Schritt 0
Bitte deinstalliere Malwarebytes komplett mit diesem Tool: https://downloads.malwarebytes.org/file/mbam_clean

Beachte, dass eventuelle Lizenzinformationen die in der Installation vorhanden sind, gelöscht werden. Notiere sie dir evtl vorher wenn nötig.

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 19.04.2016, 07:43   #9
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Guten Morgen Rafael,

Schritt 0: ausgeführt

Schritt 1: Logfile von AdwCleaner

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.112 - Bericht erstellt am 19/04/2016 um 07:54:41
# Aktualisiert am 17/04/2016 von Xplode
# Datenbank : 2016-04-17.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Miika - PREDATOR
# Gestartet von : C:\Users\Miika\Desktop\AdwCleaner_5.112.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner gelöscht : C:\Program Files (x86)\SoftwareUpdater
[-] Ordner gelöscht : C:\ProgramData\Babylon
[-] Ordner gelöscht : C:\ProgramData\ytd video downloader
[#] Ordner gelöscht : C:\ProgramData\Application Data\Babylon
[#] Ordner gelöscht : C:\ProgramData\Application Data\ytd video downloader
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Ordner gelöscht : C:\Users\Miika\AppData\Local\Hola
[-] Ordner gelöscht : C:\Users\Miika\AppData\Local\Software_Updater
[-] Ordner gelöscht : C:\Users\Miika\AppData\Local\SoftwareUpdater
[-] Ordner gelöscht : C:\Users\Miika\AppData\Roaming\dvdvideosoftiehelpers

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\foxydeal.sqlite
[-] Datei gelöscht : C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\invalidprefs.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Software Updater
[-] Geplante Aufgabe gelöscht : Software Updater Ui

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\5a288dbe03be843
[-] Wert gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel gelöscht : HKCU\Software\APN PIP
[-] Schlüssel gelöscht : HKCU\Software\Hola
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3481390821-1322619270-1783807865-1000\Software\SweetIM
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{C9C29B48-B679-456A-932E-73ECDAF9AF19}C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe]
[-] Wert gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{C327C246-4D4B-4B6D-B88B-21C54DDF5F7A}C:\users\miika\appdata\local\hola\firefox\app\hola_plugin.exe]
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3459E061-1FA6-45C3-A325-9366D78F0DF2}

***** [ Internetbrowser ] *****

[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.admin", false);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.id", "14f2d7420000000000001c6f6593bd3c");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.instlDay", "15810");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.newTab", false);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1618:31:24");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\prefs.js] gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.id", "14f2d7420000000000001c6f6593bd3c");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.instlDay", "15810");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.vrsn", "1.8.16.16");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.vrsni", "1.8.16.16");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.16.1618:31:24");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.prtnrId", "delta");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.prdct", "delta");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.aflt", "babsst");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.smplGrp", "none");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.tlbrId", "base");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.instlRef", "sst");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.dfltLng", "en");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.excTlbr", false);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.admin", false);
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.autoRvrt", "false");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.rvrt", "false");
[-] [C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js] gelöscht : user_pref("extensions.delta.newTab", false);

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [9738 Bytes] - [19/04/2016 07:54:41]
C:\AdwCleaner\AdwCleaner[S1].txt - [9873 Bytes] - [19/04/2016 07:52:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9884 Bytes] ##########
         

Schritt 2: Logfile von Malwarebytes:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 19.04.2016
Suchlaufzeit: 08:11
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.19.02
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Miika

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 416645
Abgelaufene Zeit: 22 Min., 7 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Schritt 3: FRST.txt


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Miika (Administrator) auf PREDATOR (19-04-2016 08:38:56)
Gestartet von C:\Users\Miika\Desktop
Geladene Profile: Miika &  (Verfügbare Profile: Miika)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Skiller Pro\Monitor.EXE
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Gigabyte Technology CO., LTD.) C:\Program Files (x86)\GIGABYTE\smart6\timelock\AlarmClock.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_21_0_0_213_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10135584 2010-03-26] (Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [438784 2010-12-17] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETcall.exe [20480 2007-07-26] ()
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-05-14] (cyberlink)
HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2013-01-19] (Bitleader)
HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12119872 2015-11-12] (Microsoft Corporation)
HKLM-x32\...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [199760 2012-01-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [405584 2012-01-13] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Skiller Pro] => C:\Program Files (x86)\Skiller Pro\Monitor.exe [475136 2014-02-26] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2015-09-14] (Geek Software GmbH)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2014-07-17] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2010-04-22] (Hewlett-Packard Company)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => "C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2012-02-08] (Arainia Solutions)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalBackedUp] -> {8ED3CC2D-6BC2-43AD-8C43-F51FBB413AE6} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalError] -> {B9CA6E12-7975-4997-B5BD-CA12ECE0FEAD} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalPartiallyBackedUp] -> {95DDC869-FC98-4D47-BD34-2EDC9AA09C01} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [MemopalToBackup] -> {2CDD871E-60EB-40BD-9721-A1CB57042F75} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9CCF975E-079C-4D5B-BAED-1ADB534940E3}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {3459E061-1FA6-45C3-A325-9366D78F0DF2} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-11-03] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-12] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-12] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/CCBPL -> C:\Program Files (x86)\Canon\APU\npCCBPLFirefox.dll [2010-08-20] (Canon Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-12] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-22] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @hola.org/vlc,version=1.8.649 -> C:\Users\Miika\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Miika\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-11-15] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll [2012-10-30] (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\user.js [2016-04-19]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-12] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-02-26] (Adobe Systems Inc.)
FF Extension: Web Developer - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2015-05-29]
FF Extension: Print Edit - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\extensions\printedit@DW-dev.xpi [2016-03-14]
FF Extension: Avira Browser Safety - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\abs@avira.com [2016-04-12]
FF Extension: Firebug - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\firebug@software.joehewitt.com.xpi [2016-03-30]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\ich@maltegoetz.de.xpi [2015-07-27]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\vdpure@link64.xpi [2016-01-22]
FF Extension: eBay for Firefox - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-04-18]
FF Extension: Adblock Plus - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\cvjcs2dr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-11] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-05-14] (CyberLink)
R2 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2012-02-08] (Arainia Solutions)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-12-04] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-04-22] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MSSQL$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\sqlservr.exe [43044512 2015-04-03] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-04-02] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-20] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [Datei ist nicht signiert]
R2 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [Datei ist nicht signiert]
S4 SQLAgent$MSSMLBIZ; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.MSSMLBIZ\MSSQL\Binn\SQLAGENT.EXE [380064 2015-04-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-22] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-11] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2012-02-08] (Arainia Solutions LLC)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-04-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 08:36 - 2016-04-19 08:36 - 00001209 _____ C:\Users\Miika\Desktop\mbam.txt
2016-04-19 08:06 - 2016-04-19 08:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 08:03 - 2016-04-19 08:03 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-19 08:03 - 2016-04-19 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-19 08:03 - 2016-04-19 08:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-19 08:03 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 08:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 08:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 07:49 - 2016-04-19 07:54 - 00000000 ____D C:\AdwCleaner
2016-04-19 07:49 - 2016-04-19 07:49 - 00000000 _____ C:\Users\Miika\Desktop\Neues Textdokument (4).txt
2016-04-19 07:41 - 2016-04-19 07:41 - 22851472 _____ (Malwarebytes ) C:\Users\Miika\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-19 07:40 - 2016-04-19 07:40 - 03683904 _____ C:\Users\Miika\Desktop\AdwCleaner_5.112.exe
2016-04-19 07:40 - 2016-04-19 07:40 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Miika\Desktop\mbam-clean-2.1.1.1001.exe
2016-04-18 19:49 - 2016-04-18 19:49 - 00000000 _____ C:\Users\Miika\Desktop\Neues Textdokument (3).txt
2016-04-18 19:25 - 2016-04-18 19:25 - 22851472 _____ (Malwarebytes ) C:\Users\Miika\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 19:17 - 2016-04-18 19:50 - 00000293 _____ C:\Users\Miika\Desktop\DiskInfoX64.ini
2016-04-18 19:17 - 2016-04-18 19:17 - 00000000 ____D C:\Users\Miika\Desktop\Smart
2016-04-18 19:16 - 2016-04-18 19:16 - 00000000 ____D C:\Users\Miika\Desktop\License
2016-04-18 19:16 - 2016-04-18 19:16 - 00000000 ____D C:\Users\Miika\Desktop\CdiResource
2016-04-18 19:15 - 2016-04-18 19:16 - 00116209 _____ C:\Users\Miika\Desktop\Neues Textdokument.txt
2016-04-18 19:09 - 2016-04-18 19:16 - 00232508 _____ C:\TDSSKiller.3.1.0.9_18.04.2016_19.09.12_log.txt
2016-04-18 19:07 - 2016-04-18 19:07 - 04666855 _____ C:\Users\Miika\Desktop\CrystalDiskInfo6_8_1.zip
2016-04-18 19:06 - 2016-04-18 19:06 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Miika\Desktop\tdsskiller.exe
2016-04-14 20:42 - 2016-04-19 08:38 - 00029706 _____ C:\Users\Miika\Desktop\FRST.txt
2016-04-14 20:42 - 2016-04-19 08:38 - 00000000 ____D C:\FRST
2016-04-14 20:42 - 2016-04-14 20:43 - 00079267 _____ C:\Users\Miika\Desktop\Addition.txt
2016-04-14 20:41 - 2016-04-14 20:41 - 02375168 _____ (Farbar) C:\Users\Miika\Desktop\FRST64.exe
2016-04-14 19:49 - 2016-04-14 19:50 - 00095038 _____ C:\Windows\ntbtlog.txt
2016-04-14 19:19 - 2016-03-30 03:06 - 01373680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-04-14 19:19 - 2016-03-30 03:05 - 01767248 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-04-14 19:18 - 2016-04-14 19:19 - 01380712 _____ C:\Users\Miika\Downloads\SteamSetup.exe
2016-04-14 19:18 - 2016-04-14 19:18 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-04-14 19:16 - 2016-04-14 19:16 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-04-14 19:15 - 2016-04-14 19:17 - 34809392 _____ (Mozilla) C:\Users\Miika\Downloads\Thunderbird Setup 45.0.exe
2016-04-14 19:14 - 2016-04-14 19:14 - 00242344 _____ C:\Users\Miika\Downloads\Firefox Setup Stub 45.0.2.exe
2016-04-12 22:02 - 2016-04-18 19:16 - 03709360 _____ (Crystal Dew World) C:\Users\Miika\Desktop\DiskInfoX64.exe
2016-04-12 22:02 - 2016-04-18 19:16 - 02753968 _____ (Crystal Dew World) C:\Users\Miika\Desktop\DiskInfo.exe
2016-04-12 20:42 - 2016-04-14 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-04-12 18:47 - 2016-04-12 18:46 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-04-09 15:50 - 2016-04-09 15:50 - 00000000 ____D C:\Users\Miika\AppData\Local\Focus Home Interactive
2016-04-08 21:34 - 2016-04-14 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-08 19:44 - 2016-04-08 19:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-08 19:41 - 2016-04-08 19:41 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-03-29 21:23 - 2016-03-29 21:23 - 00060428 _____ C:\Users\Miika\Downloads\Perfekte-Kuechenausruestung.pdf
2016-03-29 19:05 - 2016-03-29 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan
2016-03-29 19:05 - 2016-03-22 04:10 - 00112184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-03-29 19:01 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 19:01 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00473592 ____N (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00391632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00129208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-03-29 19:01 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 19:01 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-29 18:52 - 2016-03-29 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-29 18:50 - 2016-03-29 18:52 - 00000000 ____D C:\Program Files\iTunes
2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files\iPod
2016-03-29 18:50 - 2016-03-29 18:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-29 18:49 - 2016-03-21 22:01 - 00109632 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-03-29 18:49 - 2016-03-21 22:01 - 00100416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-03-29 18:49 - 2016-03-21 22:01 - 00056384 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-03-28 14:47 - 2016-03-28 14:47 - 00000080 _____ C:\Users\Miika\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-03-26 22:31 - 2016-03-26 22:33 - 135010334 _____ C:\Users\Miika\Downloads\117DerFinstereRivale.zip
2016-03-24 22:00 - 2016-03-24 22:00 - 00061901 _____ C:\Users\Miika\Downloads\Saisonkalender-Gemuese.pdf
2016-03-24 22:00 - 2016-03-24 22:00 - 00056316 _____ C:\Users\Miika\Downloads\Saisonkalender-Obst.pdf
2016-03-24 00:43 - 2016-03-24 00:43 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-24 00:43 - 2016-03-24 00:43 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-24 00:43 - 2016-03-24 00:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-24 00:42 - 2016-03-24 00:43 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 19:26 - 2016-03-22 19:26 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-22 12:20 - 2016-03-22 12:20 - 01963955 _____ C:\Users\Miika\Downloads\22bZhqg6.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 08:20 - 2015-06-21 14:05 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA.job
2016-04-19 08:07 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-19 08:07 - 2009-07-14 06:45 - 00028912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-19 08:03 - 2012-12-22 12:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 08:00 - 2011-12-20 00:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-19 07:58 - 2012-03-31 18:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-19 07:57 - 2011-12-20 01:03 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-04-19 07:56 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-19 07:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-18 20:20 - 2015-06-21 14:05 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core.job
2016-04-18 19:07 - 2012-01-11 21:07 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3191028B-CEC3-47B8-868D-AD0B3B99EE93}
2016-04-14 20:32 - 2011-12-20 01:04 - 00030528 _____ C:\Windows\GVTDrv64.sys
2016-04-14 20:31 - 2011-12-20 00:13 - 00000272 _____ C:\Windows\lgfwup.ini
2016-04-14 20:31 - 2011-12-20 00:13 - 00000000 ____D C:\Program Files (x86)\lg_fwupdate
2016-04-14 19:49 - 2012-04-26 18:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-14 19:31 - 2011-12-20 00:56 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2016-04-14 19:24 - 2011-12-20 00:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-04-14 19:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-14 19:18 - 2011-12-19 23:38 - 00001213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-04-14 19:18 - 2011-12-19 23:38 - 00000000 ____D C:\Users\Miika\AppData\Local\Thunderbird
2016-04-14 19:16 - 2011-12-19 23:35 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-14 19:09 - 2016-01-19 22:26 - 00000000 ____D C:\Users\Miika\AppData\Local\CrashDumps
2016-04-14 18:10 - 2011-12-19 23:43 - 00000000 ____D C:\Program Files (x86)\Origin
2016-04-14 01:45 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-13 21:43 - 2014-08-24 18:39 - 00000000 ____D C:\Users\Miika\AppData\Local\Deployment
2016-04-13 17:56 - 2013-02-17 17:33 - 00001036 _____ C:\Users\Miika\Desktop\Amazon WANTED.txt
2016-04-12 23:12 - 2016-03-19 22:31 - 00000000 ____D C:\Users\Miika\Desktop\eBay
2016-04-12 18:48 - 2014-10-18 08:50 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-12 18:48 - 2013-09-17 21:45 - 00000000 ____D C:\ProgramData\Oracle
2016-04-12 18:47 - 2014-10-18 08:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-12 18:46 - 2015-08-29 08:57 - 00000000 ____D C:\Users\Miika\.oracle_jre_usage
2016-04-12 18:45 - 2014-10-18 08:50 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-11 23:23 - 2011-12-19 23:43 - 00000000 ____D C:\ProgramData\Origin
2016-04-11 20:30 - 2012-09-02 19:20 - 00024293 _____ C:\Users\Miika\Desktop\Kosten.txt
2016-04-09 16:41 - 2012-07-17 21:33 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-09 16:16 - 2011-12-31 22:27 - 00000000 ___RD C:\Users\Miika\Desktop\Musik
2016-04-08 19:45 - 2015-04-16 16:59 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-04-08 19:45 - 2014-07-09 21:37 - 00000000 ____D C:\Users\Miika\AppData\Local\Adobe
2016-04-08 19:44 - 2015-04-16 16:58 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-04-08 19:40 - 2011-12-19 23:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-04-08 19:37 - 2013-11-20 00:00 - 00000000 ____D C:\Program Files\Java
2016-04-07 21:58 - 2012-03-31 18:57 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 21:58 - 2012-03-31 18:57 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 21:58 - 2011-12-19 23:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-02 21:57 - 2011-12-31 22:30 - 00000000 ____D C:\Users\Miika\Documents\WB Games
2016-04-02 15:52 - 2011-12-20 00:47 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-30 03:06 - 2015-02-10 20:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-03-30 03:05 - 2015-11-21 20:56 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-03-30 03:05 - 2015-02-10 20:27 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-03-29 22:37 - 2016-02-14 18:47 - 00000000 ____D C:\Users\Miika\Desktop\MRT - Befunde & CD
2016-03-29 20:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-29 19:24 - 2011-04-12 09:43 - 00775748 _____ C:\Windows\system32\perfh007.dat
2016-03-29 19:24 - 2011-04-12 09:43 - 00179114 _____ C:\Windows\system32\perfc007.dat
2016-03-29 19:24 - 2009-07-14 07:13 - 01834774 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 19:06 - 2012-09-01 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-03-29 19:06 - 2012-02-10 20:58 - 00000000 ____D C:\Temp
2016-03-29 19:05 - 2016-03-11 00:41 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-03-29 19:03 - 2011-12-20 00:47 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 18:52 - 2013-10-05 23:06 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-29 18:50 - 2011-12-19 23:53 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-28 14:47 - 2012-01-01 15:22 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-03-28 14:46 - 2015-04-14 20:15 - 00000000 ____D C:\Program Files\Rockstar Games
2016-03-22 19:26 - 2012-01-02 19:51 - 00000000 ____D C:\Users\Miika\AppData\Roaming\Dropbox
2016-03-22 06:12 - 2011-12-20 01:14 - 19004040 ____N (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-22 06:12 - 2011-05-21 07:01 - 03714472 ____N (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-22 04:25 - 2015-12-21 21:44 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-22 04:25 - 2015-12-21 21:44 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 02993088 ____N (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 01264064 ____N (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-22 04:25 - 2011-12-20 00:47 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-22 04:25 - 2011-12-20 00:47 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-21 23:02 - 2016-02-22 20:46 - 00000000 ____D C:\Users\Miika\Desktop\Temp Copy

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\1eaadjc.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0018724 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\bass.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 1758720 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\engine_vx.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0016448 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\kfgresk.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0014456 ____T () C:\Users\Miika\AppData\Roaming\Microsoft\mjcriu.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0012352 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\peaadje.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0029784 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\Miika\AppData\Roaming\Microsoft\qwadjb.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0017472 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\rsaadjd.dll
2013-06-29 21:43 - 2013-06-29 21:43 - 0105016 ____T (Un4seen Developments) C:\Users\Miika\AppData\Roaming\Microsoft\~DFK38f72.tmp
2014-09-06 10:47 - 2014-09-06 10:47 - 0001978 _____ () C:\Users\Miika\AppData\Local\recently-used.xbel
2015-12-06 14:45 - 2015-12-06 14:45 - 0000000 _____ () C:\Users\Miika\AppData\Local\{8DD41FC6-B412-4A1A-88DD-700352DE6EFD}
2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2012-01-03 20:10 - 2012-01-03 20:10 - 0000252 _____ () C:\ProgramData\FastPics.log
2012-11-11 18:13 - 2012-11-11 18:13 - 0000256 _____ () C:\ProgramData\lxeb.log
2012-01-03 20:12 - 2012-02-08 19:45 - 0002288 _____ () C:\ProgramData\lxebJSW.log
2012-01-03 20:08 - 2012-11-11 18:13 - 0056229 _____ () C:\ProgramData\lxebscan.log
2012-02-08 19:47 - 2012-02-08 19:47 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2012-01-03 20:07 - 2012-01-03 20:07 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt

Einige Dateien in TEMP:
====================
C:\Users\Miika\AppData\Local\Temp\avgnt.exe
C:\Users\Miika\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Miika\AppData\Local\Temp\libeay32.dll
C:\Users\Miika\AppData\Local\Temp\msvcr120.dll
C:\Users\Miika\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-19 07:00

==================== Ende von FRST.txt ============================
         

Alt 19.04.2016, 07:45   #10
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Addition.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Miika (2016-04-19 08:39:15)
Gestartet von C:\Users\Miika\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-19 21:13:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3481390821-1322619270-1783807865-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3481390821-1322619270-1783807865-1005 - Limited - Enabled)
Gast (S-1-5-21-3481390821-1322619270-1783807865-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3481390821-1322619270-1783807865-1013 - Limited - Enabled)
Miika (S-1-5-21-3481390821-1322619270-1783807865-1000 - Administrator - Enabled) => C:\Users\Miika

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Assassin's Creed(R) III v1.05 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.05 - Ubisoft)
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
Aurora Blu-ray Media Player (HKLM-x32\...\Aurora Blu-ray Media Player) (Version: 2.13.4.1435 - Aurora Software Inc.)
AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BSR Screen Recorder 5 (HKLM-x32\...\BSRScreenRecorder5) (Version:  - )
Business Contact Manager for Microsoft Outlook 2010 (x32 Version: 4.0.11308.0 - Microsoft Corporation) Hidden
Business Contact Manager für Microsoft Outlook 2010 (HKLM-x32\...\Business Contact Manager) (Version: 4.0.11308.0 - Microsoft Corporation)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CANON iMAGE GATEWAY Album Plugin Utility (HKLM-x32\...\Album Plugin Utility) (Version: 1.1.1.9 - Canon Inc.)
Castle of Illusion (HKLM-x32\...\Steam App 227600) (Version:  - SEGA Studios Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Cities XL Platinum (HKLM\...\Steam App 231140) (Version:  - Focus Home Interactive)
Common Desktop Agent (Version: 1.53.0 - OEM) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)
Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.3714 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2919.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1520 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2609 - CyberLink Corp.)
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.1.46 - INTENIUM GmbH)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dropbox (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
Easy Tune 6 B10.0420.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.64673.4 - Electronic Arts)
GDR 5520 für SQL Server 2008 (KB 2977321) (HKLM-x32\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 für SQL Server 2008 (KB 3045305) (HKLM-x32\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version: v2.7.9 - Arainia Solutions, LLC)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - EKO Software)
IdleMaster (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
IdleMaster (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster)
iDRS(tm) OCR Software by I.R.I.S (HKLM-x32\...\iDRS(tm) OCR Software by I.R.I.S) (Version: 1.00.13.00 - Samsung Electronics Co., Ltd.)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Kaminfeuer Comprehensive Edition 1080 (HKLM-x32\...\ST5UNST #1) (Version:  - )
Kingdom Rush (HKLM-x32\...\Steam App 246420) (Version:  - Ironhide Game Studio)
KONZ-Steuer-2014 (HKLM-x32\...\InstallShield_{20F1078B-E3B6-4DA1-9570-003DE110890A}) (Version: 1.00.0000 - USM)
KONZ-Steuer-2014 (x32 Version: 1.00.0000 - USM) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LightScribe System Software (HKLM-x32\...\{A8F1CA85-C713-4B1F-B3B4-B2B7A6824146}) (Version: 1.18.14.1 - LightScribe)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7240) - Logitech Inc..)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Mad Max (HKLM\...\Steam App 234140) (Version:  - Avalanche Studios)
MAGIX Foto & Grafik Designer 6 SE (HKLM-x32\...\MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}) (Version: 6.1.3.24817 - MAGIX AG)
MAGIX Foto & Grafik Designer 6 SE (Version: 6.1.3.24817 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Payne 3 (HKLM\...\Steam App 204100) (Version:  - Rockstar Studios)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Language Pack - deu (HKLM-x32\...\{742D41A9-B3BF-3A65-806E-F8372FB3E492}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Lync 2010 (HKLM\...\{58A013B1-1613-4978-881A-FCA43710C84A}) (Version: 4.0.7577.4486 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{59C245FC-343C-4FEC-B3CB-B6F12B561C20}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version:  - NetherRealm Studios)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Need for Speed: Hot Pursuit (HKLM-x32\...\Steam App 47870) (Version:  - Criterion Games)
NHL™ 09 (HKLM-x32\...\{3C27AAE0-37AF-11DD-AE16-0800200C9A66}) (Version: 2.0.1.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.72 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
ON_OFF Charge B10.0422.2 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Pinball FX2 (HKLM-x32\...\Steam App 226980) (Version:  - Zen Studios)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.06.10 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.45.00 - Samsung Electronics Co., Ltd.)
Samsung SCX-3400 Series (HKLM-x32\...\Samsung SCX-3400 Series) (Version: 1.08 (07.05.2012) - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
Secure Download Manager (HKLM-x32\...\{B15B400A-19ED-4CC7-B3E4-9295D8470CBE}) (Version: 3.0.3 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 3 für SQL Server 2008 (KB2546951) (HKLM-x32\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Skiller Pro Driver (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 1.0 - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SmarThru Office (HKLM-x32\...\{9BC1E722-AE07-46A3-B7A6-556DBE18E22A}) (Version: 2.08.018 - Samsung Electronics Co., Ltd.)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Sql Server Customer Experience Improvement Program (x32 Version: 10.3.5500.0 - Microsoft Corporation) Hidden
STAR WARS - Galactic Battlegrounds Saga (HKLM\...\{9f3d9623-1935-43fa-9756-e90f3134f675}.sdb) (Version:  - )
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
STAR WARS™ Battlefront™ (HKLM-x32\...\{E402D891-4E45-4ce9-B41F-DD35864EF170}) (Version: 1.0.5.2252 - Electronic Arts)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2013 (HKLM-x32\...\{05AEF487-8926-48A9-B5BA-9BED72BC6B1C}) (Version: 21.00.8480 - Buhl Data Service GmbH)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tales of the Orient: The Rising Sun (HKLM\...\Steam App 339160) (Version:  - Green Sauce Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10.1 - TeamSpeak Systems GmbH)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
tiptoi® Manager 3.0.8 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.8 - Ravensburger AG)
Unity Web Player (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.3f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Miika\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {012BD39A-6E2B-41BF-BB95-2367AEDA7654} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {193886C7-9433-441B-AC05-6DDF436A07B6} - System32\Tasks\{6529A1CA-E2B3-423C-93D9-1482CDABA88F} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {1A69324D-D269-4A70-9B0F-C5E58D784E6D} - System32\Tasks\{9BB0A915-298A-473D-8193-6942178F025F} => pcalua.exe -a C:\Users\Miika\Desktop\brew-jcu1.exe -d C:\Users\Miika\Desktop
Task: {27216F7C-A917-4BC2-BD10-55FCA30F7694} - System32\Tasks\{4CF505DF-0A43-48D6-86A8-157A069EA763} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {2CEDEE0E-5DF4-436F-9EAF-F506AC690A8F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {3F6BD132-DBB9-4662-9C5C-45AA37C7EBB7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {4668AE68-CED1-498B-A958-46566A5B7D2F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {527D9800-4475-4BFB-8261-13A74C7B0C58} - System32\Tasks\{E6DFFA7B-EE06-449A-A1D0-EB00CEE426AE} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {565CB1A4-B495-448D-9050-1EC098BD676E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {59CEBFE5-35A1-42A1-9568-492E20FC8B00} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {5AA2681D-252E-498D-BFB2-4C0202F67AA6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {5DFF8847-E474-4DFC-BAF7-59B8DFCA6AF5} - System32\Tasks\{19380ADC-E25E-4264-9AD6-41022E8DE2EF} => C:\Users\Miika\Downloads\refog_setup_kl_641.exe
Task: {66D712B3-43BB-4C74-B178-516D3FA7C76C} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1
Task: {6E5BBD3D-0E9E-4D8E-A2CC-DE7F01FE780F} - System32\Tasks\{43E01F15-93A3-4167-B74B-1C899276A639} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {9164D27D-E2A0-4027-AB97-829A2F498D70} - System32\Tasks\{56439ECC-B252-4FD3-9F35-908BBCEB83DD} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {997BD5BF-461C-4259-9FA4-2A732282A612} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2012-02-08] (Arainia Solutions)
Task: {9D5AB2D1-2783-4026-A47C-C99E041F4AB9} - System32\Tasks\{98029DC9-BD6C-4F8F-81FB-83DA05AD2F54} => C:\Users\Miika\Desktop\MONEY.EXE
Task: {B6629924-22FC-4310-A1A5-03DB6BEC23BE} - System32\Tasks\{CD3C1C49-60B6-4BD3-B947-E2F3476852B4} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
Task: {C170F9B3-462E-4FA7-A838-FE17810FC951} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: {E07598B7-6428-4072-866F-53B1FD1547FC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {F071BE9A-BD75-4073-8121-2BC92542F1FA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {F6A2B05E-CE2C-4FDE-B6ED-76EEF9EC126F} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl
Task: {FA8791D4-DA74-4793-93F0-672F8A4AB18B} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3481390821-1322619270-1783807865-1000

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000Core.job => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3481390821-1322619270-1783807865-1000UA.job => C:\Users\Miika\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-20 01:16 - 2016-03-22 04:25 - 00133056 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-09 06:27 - 2015-04-09 06:27 - 00022528 _____ () C:\Windows\System32\ssm1mlm.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-17 19:13 - 2010-12-17 19:13 - 00438784 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2010-12-17 19:13 - 2010-12-17 19:13 - 00050688 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2011-12-19 23:29 - 2009-06-17 17:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2015-07-22 21:09 - 2014-02-26 14:45 - 00475136 _____ () C:\Program Files (x86)\Skiller Pro\Monitor.EXE
2015-11-24 19:22 - 2014-07-17 23:47 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2011-12-19 23:22 - 2010-01-19 04:31 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2016-03-04 09:27 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-29 18:50 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-04 09:27 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-04-14 19:18 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2012-01-01 14:57 - 2013-08-20 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-12-20 00:09 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-03-29 18:50 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-03-29 18:50 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-03-29 18:50 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-01-28 20:22 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-03-29 18:50 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-03-29 18:50 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-04-02 19:18 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2009-12-15 14:46 - 2009-12-15 14:46 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 14:49 - 2009-12-15 14:49 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2011-12-19 23:29 - 2009-05-04 18:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll
2015-09-27 13:27 - 2015-12-29 13:17 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-27 13:27 - 2015-11-17 15:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-08-12 13:18 - 2011-08-12 13:18 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-07-22 21:09 - 2014-09-03 15:58 - 00057344 _____ () C:\Program Files (x86)\Skiller Pro\lan.dll
2015-07-22 21:09 - 2012-08-14 22:41 - 00061440 _____ () C:\Program Files (x86)\Skiller Pro\hiddriver.dll
2012-05-14 13:11 - 2015-09-14 15:56 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2012-05-14 13:11 - 2015-09-14 15:56 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-11-24 19:22 - 2013-09-30 14:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2015-11-24 19:22 - 2013-01-29 17:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3481390821-1322619270-1783807865-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3481390821-1322619270-1783807865-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Miika\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{71C15711-3E2C-4D64-8FC0-C669F2114AB3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{3EDA5DA2-C103-45EA-89F3-59688B8DB973}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{D3F2D4D5-312E-4294-8BFA-53F6DEB6BF3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5DAF81E7-C965-4DEF-A2CA-E7E13B689860}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35151CAA-487E-4959-AC29-6E5AF47BB185}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{34498169-7A2E-4586-88AC-45A45E876840}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{7565F068-B54F-4F17-AB74-A19A52AD0FE8}C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) C:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{3BCF8F5D-D9AB-44D7-ADD5-0441733CBE94}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{A7BC2942-5BC4-4617-B195-92B1F8CA3851}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{5379F7E5-D516-4991-BA0C-42D07F83C157}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{980B1B7D-546A-4576-BC6A-F7DD39F57769}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{C2C5B3DB-0FC3-434F-A96F-3374E5F6A588}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{E9359AA9-E8A3-4B88-8DB1-253DA03D51BD}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{4128BF28-A818-4B53-A939-7B9AA3684185}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{40127C9B-3771-4D8A-8EBE-6CC068888D1A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{1309A2B0-86BF-4F8C-BA7A-71B556305024}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F5EE2D33-E215-4C85-9E6D-21A62E5E28D9}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{F647DF87-B459-4919-B98C-2CD909B15491}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{104D8663-897F-4FB9-BD62-93834D972A8D}] => (Allow) C:\Program Files (x86)\Rockstar Games\EFLC\LaunchEFLC.exe
FirewallRules: [{5F075499-1AA6-469E-840D-8160741E7D50}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{69077A99-C71A-484D-B9AC-65EBC7EEAE83}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{5A0D982D-58D7-4A0F-BC6F-81ABB4FC2DD9}] => (Allow) C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9292DC9B-A919-4277-AF1E-DDF7D4F1B79E}] => (Allow) C:\Users\Miika\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{890F752C-4AF7-4C68-AFE8-074119746804}C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E4AD8D8E-FE4D-4439-901B-A56CC78A85E3}C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\miika\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{50F39446-3604-44E8-AB94-C42E4D8C2B4D}C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe] => (Allow) C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [UDP Query User{E8538B61-8F99-411B-9BE5-DAD974A9EBF8}C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe] => (Allow) C:\program files (x86)\lucasarts\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [TCP Query User{B7B7A754-2E6A-4858-A757-22BBC81A3AC3}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{433EB0D9-E1B6-40F4-80D1-1CC2E2443CCD}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [TCP Query User{9BCE74D4-E34C-49DB-8B8F-A400299C262D}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [UDP Query User{AC4A206C-2AA3-49EB-BB63-723118DBDCB2}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [{ED387E94-A504-40DB-99A9-67709B352F06}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{08674ADB-3C06-4BE3-97F6-E2ADBD8990A2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{04D563F0-CEE9-4E29-BE2B-60FEF10A5541}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{085D89E9-E240-48FA-8FED-BB976E333C14}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{EC45FF80-AEFD-4815-B0B5-E2FD99F68922}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{B16A1E83-0C62-4108-985D-6F22A8A1EA0C}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{14BC9BC5-70A9-4B90-94CB-FDD7950FECEC}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{C8F2EACB-1EF6-46E6-91EE-8E5C6C21A0D6}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{8B187259-77F4-478D-B678-785E76DD1F26}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{44D82364-FFFC-400B-B7B5-733C4B2F7C7D}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [UDP Query User{0F882048-C4FE-4DF3-B812-36FB4084E951}C:\program files (x86)\rockstar games\eflc\eflc.exe] => (Allow) C:\program files (x86)\rockstar games\eflc\eflc.exe
FirewallRules: [{3DC9AE62-FB28-4E66-8DE7-1BAEC8F3DC38}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{6F249070-D811-4F1B-81BF-46D8BBC430B5}] => (Allow) C:\Windows\twain_32\Samsung\SCX3400\SCNSearch\USDAgent.exe
FirewallRules: [{5E83496F-6C7D-40F8-934B-D3E16E03ABC2}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E0B35E98-6C91-4694-B7CA-7B64031A2352}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{BC56FE8A-9814-49CB-A052-6DE162FDAB66}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{D3C7D826-F7F9-41A5-868D-AE6A78A54545}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{E0E18541-6D4E-4C4A-B47A-EDAB6F810687}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{BD654A1E-12B0-410E-9562-F017F2B0D1C2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{850EF7FF-98E4-4035-B8CA-CAD9F12EB9B7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{EC505964-89EE-46D0-BE0C-9270733DD2D7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{C85E21C8-7B83-42D2-A7CB-517C5A42089A}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{4C982A6C-40EF-4B8D-BA57-737247439443}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{FF854E6D-838B-4CFD-B428-96E6C03955C2}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{3080ED08-68D2-4434-B463-31F0829D5C57}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe
FirewallRules: [{0FB14CF0-5EC7-4A33-8805-F1C7ABBC83F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robin Hood\Game.exe
FirewallRules: [{F9D18E7D-88D8-4DA9-AA86-E1A0761C1CB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robin Hood\Game.exe
FirewallRules: [{7B1AA95A-5CB4-4209-B870-6505F84EAF9D}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{80A07D42-A5D2-4FB8-B88A-00083BA6A1C4}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe
FirewallRules: [{FDF8FC48-AAD3-4FF9-B218-17DCA7084643}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{E2D2D41D-91C7-4CBE-A3DB-D536EDEC0CC2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{33E96D82-A6DF-4CA6-BF32-E0D236A70AB1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{83B5444B-7B87-42A0-8192-944E83F8C686}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{E88D0515-78B4-4A14-B448-67A4110D6384}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{24583F02-8FFB-4A0E-AF8D-11A49C99B702}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{39C67D94-C284-428A-A221-F14FB183F22E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{57CEB121-9C48-46BA-B641-8BD9A13D621A}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{8AEF0984-E44E-4D96-9E8F-CF383B18F38E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{00D7BE10-88D6-4FD2-A7CC-B3631D48C76F}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{9A83C9F6-3411-47BE-948F-C71825C91E1E}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{7610EB5C-A913-42E5-A748-550FE8487E66}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{AD1B67B2-18A1-4DA2-938A-696C6BBDBC53}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{09B256F3-00E6-4AA3-8D9F-26C7699F1B27}] => (Allow) C:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [TCP Query User{51A5DE7B-6249-461B-A393-D7EC64FC16DF}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [UDP Query User{C05B2564-43EA-4AF9-928B-9FF82411EEC7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Allow) C:\program files (x86)\logitech\vid hd\vid.exe
FirewallRules: [{0537BE42-E69D-43C1-8E19-7221A081217E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{160F75A8-8602-493B-A1AB-7CCE463468FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\NFS11.exe
FirewallRules: [{19AB8BB9-27D9-46DA-AB21-E26C1AA33254}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{F622ECDB-83DF-49C2-A661-FDFC4D489B7E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Need for Speed Hot Pursuit\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{CBBE6E22-604C-494F-B5EC-6453DB41E788}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{094DA271-2F01-49DD-9340-F77720F8A401}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D267C006-CEEC-45DB-9272-8AA204A35598}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{35125DD3-9838-4295-B824-A971E3142C63}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{89DFDDC3-3814-4BDA-9529-CF6A2BD2B48C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0EE36F49-98B1-4BA9-8770-3C2D7A7624E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{38D8AB72-BF51-4959-834A-9D8D9971ADC3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{5B4DCE54-9522-4124-9DAC-FF984441538F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War in the North\witn.exe
FirewallRules: [{CC93C886-82AF-4B42-B19B-9264D9FBAEF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{CE11A368-1E38-4499-B9D3-AAEEFC5246C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{BB3CEA83-D707-4891-A460-DAF1F3DDA257}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{E6FD6227-4A26-4E3F-8AEA-898781A0643E}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{8B11E797-F5E0-4CDB-AF84-8E94F9AEB5E4}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{8A25334E-E0CE-4ED4-A713-F50E884F675C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7F5F96B5-161D-4BA4-8D71-8DE5699C04D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{445C4F02-F3F7-48C0-AD57-3C35E337447A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{94490761-87D5-41A3-BC3F-F0789FC0B4E0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{44D2E310-3151-4974-9F09-31A009753BB1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{1AE3D3D1-F206-4B53-8BE4-79A391EB759F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{17F05295-6BDA-4386-9CC0-D34D15DCAD92}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{B19FBD39-CBEB-4DCC-81ED-1EF49851786A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{EE7CFB01-3B91-4CCF-AAA4-0C28D5B1F074}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Marvel Super Heroes\LEGOMARVEL.exe
FirewallRules: [{E090A95C-0F23-4810-8F52-232ACEDEB2A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{AB5C2852-46CC-43BC-B80C-2D4B3329EA00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{C0BF7C06-8285-4107-B89D-D533134DE9CD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A1CC9A63-194B-4F2E-A038-B0D1F9FFE9C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{A488EDEC-EA00-4565-AE98-F57D232AF1A2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A7807346-10C7-4E1E-A5AC-D74DEEBAECA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9160D2CE-813E-428C-BB47-356866C3C8A3}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{4C236CF9-5EBF-49FC-99EB-52BDC44BDAB9}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe
FirewallRules: [{8BA47B02-78DA-4B24-BE9D-C590187945CA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C36F9056-19A1-4E35-82FF-2CB66292CF54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{4DAF9B9B-6ED1-4C17-9770-D260805155AD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{79A46A44-BA6A-43ED-8EAC-46B81A7C831F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Pinball FX2\Pinball FX2.exe
FirewallRules: [{6DDD82C5-D5A0-4ACB-B48C-91E2D19CF10F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2C79BAE5-0F4E-4B21-8711-2F229F095C6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C40908D8-0704-4913-8A18-FB38BF7E0986}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{1ADA4216-7045-4B9B-9F80-C4A13323DD96}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{E95D7EBB-F4CC-4228-8B4B-1E185862EFDF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{A4B67F11-63F7-4DD3-9C1B-98D2753C8C78}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kingdom Rush\Kingdom Rush.exe
FirewallRules: [{53CD6ECA-5F09-4A7F-9AA9-59CA9C374D3E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{420B18FD-59BC-4288-B786-2A21FBF39ACC}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E66CF74E-3CC5-4E86-A485-D4B624606890}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{5033324B-1B3B-44EB-89DA-B4A860E0C8B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{29303C93-E08D-4C9F-BEDE-A19081CF8830}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E58D77B1-3D23-488A-B17D-2FC442B0A125}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{1F50237C-EC2A-4843-8A3D-7DA2D9650926}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{755070D3-2C10-4B68-BBFB-82DE52193E9D}] => (Block) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{41F5A5D9-88C2-4ADB-A58A-06EB6F848DD7}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{8B9387F5-BD68-4E28-AAA1-B24C79F110B9}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{10E7F628-1402-479C-A961-E887C9B38A53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0D63A136-AE5A-4D90-A695-129571DDD848}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{02C3D6A5-1016-4DDD-BCFE-5AD9A1315418}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8AE84A07-8AF4-4993-BB40-0F876A0D090A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9A0238F0-6F7D-4CF4-8B39-BE3858E80BE2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{735119DF-A94D-4630-BF1C-AC95F234096F}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{B9C386D5-3FAE-4FA8-AB71-7FCC0AA34329}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [TCP Query User{B92396A2-7B01-4A11-82D8-68E30AF3CEE7}C:\program files (x86)\origin games\fifa 13\game\fifa13.exe] => (Allow) C:\program files (x86)\origin games\fifa 13\game\fifa13.exe
FirewallRules: [UDP Query User{7ABFB644-1681-4B2B-B313-3F1BD628C9D8}C:\program files (x86)\origin games\fifa 13\game\fifa13.exe] => (Allow) C:\program files (x86)\origin games\fifa 13\game\fifa13.exe
FirewallRules: [{5EB5F1F8-12DF-4783-9AC9-C781DE1B613E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C45077C7-D96F-4DF7-BF20-6B23A1AC267A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{457572F7-2C4F-44A4-89AF-B106168895A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{272E4608-DBF7-4A15-BA4E-F07A85A1BBDA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2B418507-F8F3-4C11-B47A-9BB11F2002A0}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{33A92FBE-29EC-4E6E-B193-B73FBAE128D2}C:\program files (x86)\origin games\fifa 16\fifa16.exe] => (Allow) C:\program files (x86)\origin games\fifa 16\fifa16.exe
FirewallRules: [{0772C858-0EE7-4568-8CEE-68846B1F0AEF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{E48CA994-8F29-465B-AC8C-EE7C7C8662F2}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{11FDB9CC-E5C1-4340-B9A0-C96EF7C831F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{E7DB8F9A-3FA6-41D3-9813-E61D857E9A59}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{CA78A739-2922-45AA-9095-1F663EA5E58B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D3C4A4C3-DEA2-4A73-A53D-7FC06F6A5656}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4093C13-1DF3-4B1A-81C6-9FC1A1C70E9E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{EF511DC5-E231-42E1-9223-E31DD01B08C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{9D9A23CE-361C-473D-B074-233508412A48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{6C19E425-8499-4A5A-9CEF-7AF64F729994}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [TCP Query User{9201E150-0CF9-4961-A6B3-2B5B925809CC}C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe
FirewallRules: [UDP Query User{E0680893-334E-4FE8-ADDE-CB4A7CFB46AF}C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\need for speed hot pursuit\nfs11.exe
FirewallRules: [{B8480CFC-B8FA-4DF3-8A73-577E470C433B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{4B15CDA3-339A-41F6-B8AA-53332ABD0B46}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{89184A8D-BEBE-436E-ABA8-595B7E7ECA4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{CCEDABEA-E21E-487D-913A-583ACE18821C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{91AFD7F2-39D5-47B4-86E8-0C3C1EF4C800}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{ED6AB5A7-518A-4EED-A33C-AA239D5A33B4}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{7A7812F5-9CCA-4EF5-A262-6EDC78546F42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{ADFACD46-C8F5-45F1-8F28-FE236FCF79CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DuckTales Remastered\executable\DuckTales.exe
FirewallRules: [{07C8CB98-8ACE-4E9F-8400-5058734B9DAA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{4D3C22B6-8EBC-44ED-A677-059AC60D76AC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Castle of Illusion\COI.exe
FirewallRules: [{9793939D-6DAF-40D2-86DB-C180BCB96528}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales of the Orient - The Rising Sun\TalesOfTheOrient-TheRisingSun.exe
FirewallRules: [{69BB40B8-59D9-447B-A988-6B0509C4EAAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tales of the Orient - The Rising Sun\TalesOfTheOrient-TheRisingSun.exe
FirewallRules: [{FECAA364-0CCA-4AB8-AF70-AC4124441203}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{60245F9F-D853-4F8C-A1EF-51B5A7BF0E90}] => (Allow) C:\Program Files (x86)\Origin Games\STAR WARS Battlefront\starwarsbattlefront.exe
FirewallRules: [{152FD951-05EC-4C09-AE69-9D9303838A67}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{609B4338-8621-4DE1-BBD0-7E7C02CD8E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Max\MadMax.exe
FirewallRules: [{FB9BF942-6083-4C7B-BFCD-26399C84D789}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mad Max\MadMax.exe
FirewallRules: [{15E342C7-D9AF-4BD3-84BD-440895F4AA58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{1D9A44FE-A8F9-42CD-90E2-F32144F63C3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{BBA069A1-B2DB-4854-BF7A-2CBE52D1DCE9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{6AFC638D-E140-4F23-8392-CF88063F2904}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:20:13 Automatic creation
12-04-2016 18:14:12 Automatic creation
13-04-2016 14:49:51 Automatic creation

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 07:59:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 07:45:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 06:42:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 07:00:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 07:01:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 08:31:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 07:51:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 07:36:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7ae7f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.19110, Zeitstempel: 0x568429dd
Ausnahmecode: 0x0000046b
Fehleroffset: 0x000000000000b16d
ID des fehlerhaften Prozesses: 0x179c
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3

Error: (04/14/2016 07:29:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wmplayer.exe, Version 12.0.7601.18840 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 644

Startzeit: 01d196729af82e58

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 640957a1-0266-11e6-ba82-1c6f6593bd3c

Error: (04/14/2016 07:08:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.173.0, Zeitstempel: 0x56e065b4
Name des fehlerhaften Moduls: mbamcore.dll, Version: 1.3.24.0, Zeitstempel: 0x55e7e719
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000bd27f
ID des fehlerhaften Prozesses: 0x45c
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


Systemfehler:
=============
Error: (04/19/2016 08:39:26 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:38:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:38:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:37:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:37:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:36:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:36:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:35:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:35:25 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2016 08:34:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%126


CodeIntegrity:
===================================
  Date: 2016-04-14 17:47:58.882
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.816
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.723
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-04-14 17:47:58.660
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\ Malwarebytes Anti-Malware \mbampt.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-12-21 20:10:57.679
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-12-21 20:10:57.566
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 960 @ 3.20GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16382.43 MB
Verfügbarer physikalischer RAM: 12586.05 MB
Summe virtueller Speicher: 32763.07 MB
Verfügbarer virtueller Speicher: 28877.72 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:162.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C93E8C22)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 19.04.2016, 17:56   #11
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Mehrere Anti-Virus-Programme

Code:
ATTFilter
Microsoft Security Essentials
Avira
         
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über die Systemsteuerung => Software.

Zitat:
Speedy hat letztens eine einleuchtende Erklärung dazu geliefert: "Man stelle sich einen Torwart vor, der das Tor hüten soll (Anti-Virus-Programm), der Ball kommt angeflogen (Virus), der Torhüter konzentriert sich auf den Ball und fängt ihn. Jetzt stelle Dir zwei Torhüter im Tor vor ...., die knallen aneinander und der Ball kann ungehindert ins Tor wandern."

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 20.04.2016, 05:18   #12
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Guten Morgen Rafael,

erstmal Sorry wegen dem doppelten Virenscanner.
(das hattest Du ja bereits in Deinem ersten Post geschrieben)
Ich habe nun Microsoft Security Essentials entfernt / deinstalliert.

Hier das Log von ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4c2d2341b83e3a479a03535feabb7e3e
# end=init
# utc_time=2016-04-19 05:16:44
# local_time=2016-04-19 07:16:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29140
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4c2d2341b83e3a479a03535feabb7e3e
# end=updated
# utc_time=2016-04-19 05:21:20
# local_time=2016-04-19 07:21:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4c2d2341b83e3a479a03535feabb7e3e
# engine=29140
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-19 09:37:44
# local_time=2016-04-19 11:37:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 100 61059 11952799 0 0
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 29590331 84082258 0 0
# scanned=478320
# found=1
# cleaned=0
# scan_time=15383
sh=923B6BA24F6D522AF86AE6656A37DB681F682E9C ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Obsidium.AG Trojaner" ac=I fn="C:\Users\Miika\Downloads\Desktop.7z"
         


Probleme mit dem PC habe ich weiterhin:

- PC extremst langsam
- 80-90% aller Programme auf dem PC nicht mehr nutzbar da durch das Löschen aus der Quarantäne Dateien davon gelöscht wurden

Positiv: nach der erneuten Installation geht Malwarebytes nun wieder komplett.
Ich vermute das ich alle Programme noch einmal neu installieren muss.
(warte damit aber natürlich bis Du das Kommando dazu gibst bzw. wir hier durch sind)

Frage:

Kann es sein das es "nur" ein Fehlalarm von Malwarebytes war?
Ich vermute dies, da wir bei unseren bisherigen Suchläufen ja nichts wirkliches gefunden haben, was auf eine Infizierung hindeutet.
Also das ich mir durch das Löschen aus der Quarantäne "nur" alles "zerschossen" habe?

Alt 20.04.2016, 13:06   #13
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Zitat:
- 80-90% aller Programme auf dem PC nicht mehr nutzbar da durch das Löschen aus der Quarantäne Dateien davon gelöscht wurden
geht das bisschen genauer? Was funktioniert nicht und was soll zu unrecht entfernt worden sein?
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 20.04.2016, 13:58   #14
MichaelHe
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Hallo Rafael,

aber gerne doch:

Wie bereits in den vorherigen Posts von mir geschrieben begann das Problem mit einer Warnung von Malwarebytes das div. Dateien mit dem Trojaner.Agent befallen wären.
Malwarebytes hatte die Dateien in die Quarantäne verschoben.
Ich hatte leider die Quarantäne über Malwarebytes dann geleert.
Ergebnis war, das Firefox, Thunderbird, Steam, Origin, Adobe Reader, Apple Push, Windows Mediaplayer, etc. nicht mehr funktionieren. Und auch Malwarebytes war ja betroffen das dort eine Funktionalität nicht mehr ging (Überwachung bösartiger Webseiten).

Firefox und Thunderbird hatte ich vor Eröffnung des Posts hier selbst wiederhergestellt / neu installiert. Aber dann siegte die Unsicherheit und ich eröffnete den Post.

Malwarebytes hatten wir ja gemeinsam hierüber neu installiert und es funktioniert ja nun auch wieder komplett.

Wenn man nun z.B. auf das Desktop Symbol von Origin klickt kommt Datei nicht gefunden.

In Bezug auf Apple Push kommt die Fehlermeldung beim Booten z.B.:

"APSDaemon.exe - Systemfehler

Das Programm kann nicht gestartet werden, da MSVCP100.dll auf dem Computer fehlt. Installieren Sie das Programm erneut um das Problem zu beheben."


Da wir bislang bei den Nachforschungen / Scans keine Infizierungen des Systems feststellen konnten, hatte ich mich halt gefragt ob es vielleicht ein Fehlalarm war und die Dateien zu Unrecht gelöscht wurden.

Ich habe keine weiteren Neuinstallationen bislang versucht, da ich hier ja nur die von Dir genannten Aktionen durchführen soll.

Alt 20.04.2016, 14:56   #15
burningice
/// Malwareteam
 
Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Standard

Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes



Überprüfung der Systemintegrität
  • Klick auf Windows/Start
  • Gib im Suchfeld folgendes ein: cmd
  • Wähle die Eingabeaufforderung und starte sie als Administrator
  • Führe folgendes aus in dem du den Befehl eingibst und im Anschluss "Enter" drückst:
    Code:
    ATTFilter
    sfc /scannow
             


Bitte gehe in folgenden Ordner: C:\Windows\Logs
  • Gehe in den Ordner CBS und kopiere die cbs.log auf den Desktop
Erstelle daraus eine .zip Datei und füge sie bitte hier als Anhang an.
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort

Themen zu Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes
adobe, antivirus, avira, bonjour, defender, dnsapi.dll, ebay, flash player, home, langsam, lws.exe, mozilla, problem, prozesse, realtek, registry, rundll, scan, schutz, security, server, services.exe, software, svchost.exe, system, usb, windows



Ähnliche Themen: Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes


  1. Malwarebytes Fund: Trojan.Agent C:\Windows\SysWOW64\SVKP.sys
    Log-Analyse und Auswertung - 22.08.2015 (15)
  2. Windows 7: Malwarebytes Anti-Malware findet Trojan.Agent.RC und setzt SkyDriveSetup.exe in Quarantäne
    Log-Analyse und Auswertung - 12.06.2015 (17)
  3. Trojan.Agent - netlogger.exe - MalwareBytes findet nach Routinescan einen Trojaner
    Plagegeister aller Art und deren Bekämpfung - 09.09.2014 (11)
  4. Windows 8: Werbevirus-Befall trotz Antivirenprogramm,Malwarebytes nicht installierbar
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (16)
  5. Windows 7: Malwarebytes findet Trojan.Agent, jedoch lässt sich dieser nicht löschen!
    Log-Analyse und Auswertung - 17.05.2014 (12)
  6. Windows 7 (64bit) - hyperaktive timeserver.exe - Malwarebytes kann Befall nicht dauerhaft entfernen
    Log-Analyse und Auswertung - 15.08.2013 (5)
  7. Mit Malwarebytes Backdoor/Agent ; Trojaner/Agent gefunden. Was Tun?
    Log-Analyse und Auswertung - 05.03.2013 (18)
  8. möglicher trojaner-befall? malwarebytes blockiert potentiell gefährliche zugänge
    Plagegeister aller Art und deren Bekämpfung - 19.11.2012 (27)
  9. Trojaner Befall C:\uninstall.exe (Trojan.Agent) und weitere
    Plagegeister aller Art und deren Bekämpfung - 04.08.2012 (1)
  10. Windows Recovery entfernt- Problem mit Google Suche - Malwarebytes Logfiles
    Log-Analyse und Auswertung - 16.04.2011 (9)
  11. Befall TR/Crypt.ZPACK.Gen sowie Agent.AO.205 und Agent.AO.223
    Log-Analyse und Auswertung - 26.12.2010 (6)
  12. Windows Recovery auf C:\ nach Befall von JAVA Agent.M.1 (laut Antivir). Reicht das?
    Plagegeister aller Art und deren Bekämpfung - 03.09.2010 (6)
  13. Trojaner Befall! z.B Backdoor.win32.Agent.ich
    Log-Analyse und Auswertung - 10.01.2010 (18)
  14. Trojaner-Befall Windows/system32/nvsvc32.exe - Problem gelöst?
    Plagegeister aller Art und deren Bekämpfung - 12.11.2009 (14)
  15. Virus-oder Trojaner-Befall (Win32-Problem)
    Log-Analyse und Auswertung - 01.12.2008 (0)
  16. Trojaner (evtl w32.agent) befall auf Vista
    Log-Analyse und Auswertung - 20.02.2008 (5)
  17. Nach Trojaner-Befall Problem mit externer HDD
    Plagegeister aller Art und deren Bekämpfung - 25.07.2006 (6)

Zum Thema Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes - Hallo Zusammen, hat mir heute mehrere Dateien angezeigt mit einem Trojaner.Agent Befall. Ich habe die Dateien über Malwarebytes gelöscht aber der PC ist auffällig langsam und bei Malwarebytes fällt mir - Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes...
Archiv
Du betrachtest: Windows 7 - Befall mit Trojaner.Agent - Problem Malwarebytes auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.