
Log analysis and evaluation: Windows 8: Trojan unknown to me found by Avira


10.05.2016, 16:04   #1
Chronos5896
 

Hello everyone! Today I started a virus scan with Avira and the following Trojan was found: TR/Crypt.EPACK.Gen8 (Cloud)
I don't know what I need to do now, because first of all I am fairly "new" to the topic of viruses, and when I removed the virus in quarantine, the virus was found again afterwards!
I don't have the Avira log at the moment.
Thank you to everyone who can help me with this problem! I also apologize for any mistakes on my part!

Kind regards, Chronos

Here is the FRST now

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 16:33:48)
Gestartet von C:\Users\André\Downloads
Geladene Profile: André &  (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Activision Publishing Inc.) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SystemPropertiesProtection.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [scsi3-3] => C:\ProgramData\scsi3-36\scsi3-21.exe [818048 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [scsi3-3] => C:\ProgramData\scsi3-36\scsi3-21.exe [818048 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
ShortcutTarget: scsi2-6.lnk -> C:\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-10] (Malwarebytes)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 16:33 - 2016-05-10 16:34 - 00026324 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-10 16:33 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:59 - 2016-05-10 15:59 - 00000000 ____D C:\Users\André\AppData\Roaming\scsi2-13
2016-05-10 15:56 - 2016-05-10 15:56 - 00000000 ____D C:\ProgramData\componet-66
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:28 - 2016-05-10 14:28 - 00000000 ____D C:\Users\André\AppData\Roaming\faraday-1
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:18 - 2016-05-10 14:18 - 00000000 ____D C:\ProgramData\scsi3-36
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-10 14:16 - 2016-05-10 15:02 - 00000000 ____D C:\ProgramData\uum
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-10 15:34 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 16:24 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2016-05-10 16:12 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db
2016-05-10 16:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg
2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 15:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 15:35 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-10 15:34 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-10 15:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 15:06 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001
2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251}
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client
2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ
2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify
2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify
2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper
2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games
2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-03 21:16 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-05-02 21:00 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db
2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups!
2016-04-29 21:40 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO
2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft
2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS
2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client
2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-04-19 14:45 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini
2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini
2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini
2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini
2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini
2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini
2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg
2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\André\Arcanum4.dat
C:\Users\André\Arcanum5.dat
C:\Users\André\Arcanum6.dat


Einige Dateien in TEMP:
====================
C:\Users\André\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-06 14:22

==================== Ende von FRST.txt ============================
         

Edited by Chronos5896 (10.05.2016 at 16:12). Reason: Further information

10.05.2016, 16:52   #2
M-K-D-B
/// TB Instructor
 

My name is Matthias and I will help you clean up your computer.

Please note the following:
  • If we find signs of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Downloading from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!



Please work through all steps one after another in the given order and post all log files in CODE tags:
Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Erweitert/Vorschau (Advanced/Preview) to check that you did it correctly. If everything is right ... click Antworten (Reply).

Thank you for your cooperation!




"TR/Crypt.EPACK.Gen8" tells us nothing... please supply the Avira log file.


For an initial analysis, please run FRST and TDSS-Killer:



Step 1
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Untersuchen (Scan).
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.




Step 2
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.







With your next reply, please post
  • the TDSS-Killer log file,
  • the two new FRST log files.

10.05.2016, 17:20   #3
Chronos5896
 

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 17:57:12)
Gestartet von C:\Users\André\Downloads
Geladene Profile: André &  (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Bethesda Softworks) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
(The Creative Assembly Ltd) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Farbar) C:\Users\André\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
ShortcutTarget: scsi2-6.lnk -> C:\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 17:59 - 2016-05-10 17:59 - 00000230 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt
2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe
2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe
2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe
2016-05-10 16:50 - 2016-05-10 16:54 - 00083169 _____ C:\Users\André\Desktop\Addition.txt
2016-05-10 16:49 - 2016-05-10 16:49 - 00057004 _____ C:\Users\André\Desktop\FRST.txt
2016-05-10 16:38 - 2016-05-10 16:45 - 00083172 _____ C:\Users\André\Downloads\Addition.txt
2016-05-10 16:33 - 2016-05-10 17:59 - 00025993 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-10 17:57 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:59 - 2016-05-10 15:59 - 00000000 ____D C:\Users\André\AppData\Roaming\scsi2-13
2016-05-10 15:56 - 2016-05-10 15:56 - 00000000 ____D C:\ProgramData\componet-66
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:28 - 2016-05-10 14:28 - 00000000 ____D C:\Users\André\AppData\Roaming\faraday-1
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-10 14:16 - 2016-05-10 15:02 - 00000000 ____D C:\ProgramData\uum
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-10 17:23 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 17:24 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-10 17:23 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-10 17:23 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2016-05-10 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-10 16:50 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db
2016-05-10 16:37 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives
2016-05-10 16:37 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db
2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg
2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 15:06 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001
2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251}
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client
2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ
2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify
2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify
2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper
2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games
2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups!
2016-04-29 21:40 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO
2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft
2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS
2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client
2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-04-19 14:45 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini
2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini
2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini
2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini
2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini
2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini
2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg
2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\André\Arcanum4.dat
C:\Users\André\Arcanum5.dat
C:\Users\André\Arcanum6.dat


Einige Dateien in TEMP:
====================
C:\Users\André\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-06 14:22

==================== Ende von FRST.txt ============================
         
__________________

Edited by Chronos5896 (10.05.2016 at 17:22). Reason: error on my part

10.05.2016, 17:21   #4
Chronos5896
 

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-10 18:01:14)
Gestartet von C:\Users\André\Downloads
Windows 8.1 (X64) (2015-01-31 20:32:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled)
André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André
Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version:  - Treyarch)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cosmic DJ (HKLM\...\Steam App 297110) (Version:  - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version:  - Just Add Water (Developments), Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version:  - DPad Studios)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {90E192D0-C384-4A23-B468-0E310141A87C} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC)
Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated)
Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender
Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe
Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-23 16:20 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: WeGameClientService => 2
HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BF2Hub Client"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Xfire.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Steam.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900
FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869
FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{8447CB76-1E1A-4652-8F66-88A1224E76FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{82D905D9-6316-4F94-8EF1-DE72C857E929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{D11456BE-FE83-4E74-9375-143333BE80F0}] => (Allow) LPort=53000
FirewallRules: [{695517FD-A4F0-4CBB-A4C0-555AF58C193F}] => (Allow) LPort=52000

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000649b
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 134

Startzeit: 01d1aac5e6629c16

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin

Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c18

Startzeit: 01d1aac2ba88ef09

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0
Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1
Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2
Berichtskennung: HPConnectedRemoteService.exe3
Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5

Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPConnectedRemoteService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
   bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   bei System.Management.SinkForEventQuery.Cancel()
   bei System.Management.ManagementEventWatcher.Stop()
   bei HP.Seeker.ProcessMonitor.StopProcessWatchers()
   bei HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   bei HP.Seeker.HPSeekerSwitchboard.StartUserService()
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/05/2016 07:38:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\3992CCA085027EB4A929D9DCAAB94321\SourceList".

Error: (05/04/2016 06:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1e8c

Startzeit: 01d1a622d9d99477

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: ce032141-1216-11e6-bf71-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/01/2016 08:33:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 3.37.92.83 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3b04

Startzeit: 01d1a3d7e264020b

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: 2d26d980-0fcb-11e6-bf6f-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (05/10/2016 05:26:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 05:26:41 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 05:22:37 PM) (Source: DCOM) (EventID: 10010) (User: André-PC)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (05/10/2016 05:22:33 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 03:37:37 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 03:37:20 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 03:31:17 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 03:25:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/10/2016 03:24:52 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 03:24:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


CodeIntegrity:
===================================
  Date: 2013-08-19 13:11:11.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8147.35 MB
Verfügbarer physikalischer RAM: 4298.78 MB
Summe virtueller Speicher: 12499.35 MB
Verfügbarer virtueller Speicher: 7635.67 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:93.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

10.05.2016, 17:29   #5
Chronos5896

Windows 8: Trojan unknown to me found by Avira



And the last one!
Code:
18:22:23.0948 0x1958  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:22:23.0948 0x1958  UEFI system
18:22:46.0407 0x1958  ============================================================
18:22:46.0407 0x1958  Current date / time: 2016/05/10 18:22:46.0407
18:22:46.0407 0x1958  SystemInfo:
18:22:46.0407 0x1958  
18:22:46.0407 0x1958  OS Version: 6.3.9600 ServicePack: 0.0
18:22:46.0407 0x1958  Product type: Workstation
18:22:46.0407 0x1958  ComputerName: ANDRÉ-PC
18:22:46.0407 0x1958  UserName: André
18:22:46.0407 0x1958  Windows directory: C:\WINDOWS
18:22:46.0407 0x1958  System windows directory: C:\WINDOWS
18:22:46.0407 0x1958  Running under WOW64
18:22:46.0407 0x1958  Processor architecture: Intel x64
18:22:46.0407 0x1958  Number of processors: 8
18:22:46.0407 0x1958  Page size: 0x1000
18:22:46.0407 0x1958  Boot type: Normal boot
18:22:46.0407 0x1958  ============================================================
18:22:49.0601 0x1958  KLMD registered as C:\WINDOWS\system32\drivers\17088877.sys
18:22:50.0435 0x1958  System UUID: {0A3C6F5D-85BC-54B7-180F-56313003A5C1}
18:22:50.0880 0x1958  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:22:50.0895 0x1958  ============================================================
18:22:50.0895 0x1958  \Device\Harddisk0\DR0:
18:22:50.0896 0x1958  GPT partitions:
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {116A4521-4F0C-47A0-BAB7-03035BD7E94E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8FBE38ED-5EB6-4102-8512-FA11F86E44C3}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AF7B1549-4E36-459D-92EC-6749E38D1B4A}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {39BEA69E-C96C-4808-8D6C-17847E3EC2B7}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72D39000
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {ADD17A59-4D4F-4806-95FB-B3087D5473B3}, Name: , StartLBA 0x7302D000, BlocksNum 0xE1800
18:22:50.0896 0x1958  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {04759BE8-5639-41D4-BA22-3F49D34791E1}, Name: Basic data partition, StartLBA 0x7310E800, BlocksNum 0x15F8000
18:22:50.0896 0x1958  MBR partitions:
18:22:50.0896 0x1958  ============================================================
18:22:50.0932 0x1958  C: <-> \Device\Harddisk0\DR0\Partition4
18:22:50.0969 0x1958  D: <-> \Device\Harddisk0\DR0\Partition6
18:22:50.0969 0x1958  ============================================================
18:22:50.0969 0x1958  Initialize success
18:22:50.0969 0x1958  ============================================================
18:23:15.0699 0x06c0  ============================================================
18:23:15.0699 0x06c0  Scan started
18:23:15.0699 0x06c0  Mode: Manual; SigCheck; TDLFS; 
18:23:15.0699 0x06c0  ============================================================
18:23:15.0699 0x06c0  KSN ping started
18:23:18.0132 0x06c0  KSN ping finished: true
18:23:28.0669 0x06c0  ================ Scan system memory ========================
18:23:28.0669 0x06c0  System memory - ok
18:23:28.0670 0x06c0  ================ Scan services =============================
18:23:30.0670 0x06c0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:23:31.0671 0x06c0  1394ohci - ok
18:23:31.0710 0x06c0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:23:31.0718 0x06c0  3ware - ok
18:23:32.0005 0x06c0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:23:32.0023 0x06c0  ACPI - ok
18:23:32.0036 0x06c0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:23:32.0043 0x06c0  acpiex - ok
18:23:32.0049 0x06c0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:23:32.0070 0x06c0  acpipagr - ok
18:23:32.0304 0x06c0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:23:32.0419 0x06c0  AcpiPmi - ok
18:23:32.0457 0x06c0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:23:32.0483 0x06c0  acpitime - ok
18:23:33.0329 0x06c0  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:23:33.0357 0x06c0  AdobeARMservice - ok
18:23:34.0093 0x06c0  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:23:34.0100 0x06c0  AdobeFlashPlayerUpdateSvc - ok
18:23:34.0226 0x06c0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:23:34.0299 0x06c0  ADP80XX - ok
18:23:34.0358 0x06c0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:23:34.0377 0x06c0  AeLookupSvc - ok
18:23:34.0472 0x06c0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:23:34.0551 0x06c0  AFD - ok
18:23:34.0568 0x06c0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:23:34.0575 0x06c0  agp440 - ok
18:23:34.0608 0x06c0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:23:34.0655 0x06c0  ahcache - ok
18:23:34.0699 0x06c0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
18:23:34.0777 0x06c0  ALG - ok
18:23:34.0835 0x06c0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:23:34.0909 0x06c0  AmdK8 - ok
18:23:34.0961 0x06c0  [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
18:23:34.0972 0x06c0  amdkmafd - ok
18:23:35.0300 0x06c0  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
18:23:35.0696 0x06c0  amdkmdag - detected UnsignedFile.Multi.Generic ( 1 )
18:23:38.0171 0x06c0  Detect skipped due to KSN trusted
18:23:38.0173 0x06c0  amdkmdag - ok
18:23:38.0202 0x06c0  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
18:23:38.0220 0x06c0  amdkmdap - detected UnsignedFile.Multi.Generic ( 1 )
18:23:40.0539 0x06c0  Detect skipped due to KSN trusted
18:23:40.0539 0x06c0  amdkmdap - ok
18:23:40.0621 0x06c0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:23:40.0660 0x06c0  AmdPPM - ok
18:23:40.0885 0x06c0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:23:40.0892 0x06c0  amdsata - ok
18:23:41.0283 0x06c0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:23:41.0294 0x06c0  amdsbs - ok
18:23:41.0316 0x06c0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:23:41.0322 0x06c0  amdxata - ok
18:23:42.0562 0x06c0  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:23:42.0580 0x06c0  AntiVirMailService - ok
18:23:42.0669 0x06c0  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:23:42.0710 0x06c0  AntiVirSchedulerService - ok
18:23:42.0760 0x06c0  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:23:42.0776 0x06c0  AntiVirService - ok
18:23:42.0900 0x06c0  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:23:43.0395 0x06c0  AntiVirWebService - ok
18:23:43.0694 0x06c0  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:23:43.0922 0x06c0  AppHostSvc - ok
18:23:44.0009 0x06c0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:23:44.0239 0x06c0  AppID - ok
18:23:44.0621 0x06c0  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:23:44.0663 0x06c0  AppIDSvc - ok
18:23:44.0773 0x06c0  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:23:45.0397 0x06c0  Appinfo - ok
18:23:45.0820 0x06c0  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:23:45.0826 0x06c0  Apple Mobile Device Service - ok
18:23:45.0912 0x06c0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:23:45.0971 0x06c0  AppReadiness - ok
18:23:46.0233 0x06c0  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:23:46.0430 0x06c0  AppXSvc - ok
18:23:46.0465 0x06c0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:23:46.0472 0x06c0  arcsas - ok
18:23:46.0715 0x06c0  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:23:46.0738 0x06c0  aspnet_state - ok
18:23:46.0757 0x06c0  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:23:46.0798 0x06c0  AsyncMac - ok
18:23:46.0815 0x06c0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:23:46.0821 0x06c0  atapi - ok
18:23:46.0929 0x06c0  [ 788914C42AD8318F1DD7A565EAFFB049, AFB0E070AB9713156F31A68A956152CBC8294AC1814A2BCA07558AC1127B345E ] athrusb         C:\WINDOWS\system32\DRIVERS\athrxusb.sys
18:23:46.0984 0x06c0  athrusb - ok
18:23:47.0001 0x06c0  [ AF6DD5993D46AF2492C19E1FF6D9A04C, 720F27791FF5D486AD07A447A4BC44D137AA245B91CE1D624E40B1DA78B6CACF ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys
18:23:47.0018 0x06c0  AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
18:23:49.0333 0x06c0  Detect skipped due to KSN trusted
18:23:49.0333 0x06c0  AtiHDAudioService - ok
18:23:49.0559 0x06c0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:23:49.0748 0x06c0  AudioEndpointBuilder - ok
18:23:49.0870 0x06c0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:23:49.0891 0x06c0  Audiosrv - ok
18:23:50.0589 0x06c0  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:23:50.0595 0x06c0  avgntflt - ok
18:23:50.0641 0x06c0  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
18:23:50.0653 0x06c0  avipbb - ok
18:23:51.0217 0x06c0  [ 8B86696A7030DDBD85B64621BD5B9C44, 9C22C8C5AC39A7138A669A6C4CA9753A6D2F21CFDFB8A1F1A34CB0AFC9DA9F0D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:23:51.0225 0x06c0  Avira.ServiceHost - ok
18:23:51.0250 0x06c0  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:23:51.0259 0x06c0  avkmgr - ok
18:23:51.0297 0x06c0  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
18:23:51.0307 0x06c0  avnetflt - ok
18:23:51.0360 0x06c0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:23:51.0381 0x06c0  AxInstSV - ok
18:23:51.0523 0x06c0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:23:51.0538 0x06c0  b06bdrv - ok
18:23:51.0558 0x06c0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:23:51.0605 0x06c0  BasicDisplay - ok
18:23:51.0615 0x06c0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:23:51.0703 0x06c0  BasicRender - ok
18:23:51.0728 0x06c0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:23:51.0732 0x06c0  bcmfn2 - ok
18:23:51.0802 0x06c0  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:23:51.0853 0x06c0  BDESVC - ok
18:23:51.0900 0x06c0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:23:51.0949 0x06c0  Beep - ok
18:23:52.0008 0x068c  Object required for P2P: [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata
18:23:52.0169 0x06c0  [ CE4DEB0464915A50371D1FCDD22BE6D0, 8CFDC981605DE5ED22DC07E892108445BDAE84FCACFAF2EB5E4417E0757B623D ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:23:52.0198 0x06c0  BEService - ok
18:23:52.0263 0x06c0  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
18:23:52.0636 0x06c0  BFE - ok
18:23:53.0138 0x06c0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:23:53.0297 0x06c0  BITS - ok
18:23:53.0988 0x06c0  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:23:53.0998 0x06c0  Bonjour Service - ok
18:23:54.0110 0x06c0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:23:54.0131 0x06c0  bowser - ok
18:23:54.0237 0x06c0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:23:54.0421 0x068c  Object send P2P result: true
18:23:54.0421 0x068c  Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService
18:23:54.0921 0x06c0  BrokerInfrastructure - ok
18:23:55.0009 0x06c0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
18:23:55.0216 0x06c0  Browser - ok
18:23:55.0284 0x06c0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:23:55.0306 0x06c0  BthAvrcpTg - ok
18:23:55.0377 0x06c0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:23:55.0666 0x06c0  BthHFEnum - ok
18:23:55.0716 0x06c0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:23:55.0724 0x06c0  bthhfhid - ok
18:23:55.0855 0x06c0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:23:55.0908 0x06c0  BthHFSrv - ok
18:23:55.0931 0x06c0  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:23:55.0993 0x06c0  BTHMODEM - ok
18:23:56.0009 0x06c0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:23:56.0044 0x06c0  bthserv - ok
18:23:56.0059 0x06c0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:23:56.0088 0x06c0  cdfs - ok
18:23:56.0104 0x06c0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:23:56.0122 0x06c0  cdrom - ok
18:23:56.0140 0x06c0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:23:56.0178 0x06c0  CertPropSvc - ok
18:23:56.0206 0x06c0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:23:56.0213 0x06c0  circlass - ok
18:23:56.0249 0x06c0  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:23:56.0261 0x06c0  CLFS - ok
18:23:56.0303 0x06c0  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
18:23:56.0309 0x06c0  CLVirtualDrive - ok
18:23:56.0349 0x06c0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:23:56.0392 0x06c0  CmBatt - ok
18:23:56.0441 0x06c0  [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:23:56.0458 0x06c0  CNG - ok
18:23:56.0471 0x06c0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:23:56.0478 0x06c0  CompositeBus - ok
18:23:56.0480 0x06c0  COMSysApp - ok
18:23:56.0487 0x06c0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:23:56.0505 0x06c0  condrv - ok
18:23:56.0545 0x06c0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:23:56.0566 0x06c0  CryptSvc - ok
18:23:56.0598 0x06c0  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:23:56.0605 0x06c0  dam - ok
18:23:56.0689 0x06c0  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:23:56.0721 0x06c0  DcomLaunch - ok
18:23:56.0822 0x06c0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:23:56.0825 0x068c  Object send P2P result: true
18:23:56.0864 0x06c0  defragsvc - ok
18:23:56.0911 0x06c0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:23:58.0036 0x06c0  DeviceAssociationService - ok
18:23:58.0097 0x06c0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:23:58.0151 0x06c0  DeviceInstall - ok
18:23:58.0443 0x06c0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:23:58.0505 0x06c0  Dfsc - ok
18:23:58.0728 0x06c0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:23:58.0805 0x06c0  Dhcp - ok
18:23:59.0240 0x06c0  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:23:59.0545 0x06c0  DiagTrack - ok
18:23:59.0777 0x06c0  [ 6B589D7870F836BEFC183897CCAB2856, 2D00DD081DDC3AC1A936AB7E58A0CB3DDB3F02F609B308F464C2719581848262 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
18:23:59.0785 0x06c0  DigitalWave.Update.Service - ok
18:24:00.0129 0x06c0  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:24:00.0137 0x06c0  disk - ok
18:24:00.0291 0x06c0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:24:00.0313 0x06c0  dmvsc - ok
18:24:00.0358 0x06c0  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:24:00.0390 0x06c0  Dnscache - ok
18:24:00.0500 0x06c0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:24:00.0571 0x06c0  dot3svc - ok
18:24:00.0642 0x06c0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
18:24:00.0665 0x06c0  DPS - ok
18:24:00.0715 0x06c0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:24:00.0720 0x06c0  drmkaud - ok
18:24:00.0759 0x06c0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:24:00.0800 0x06c0  DsmSvc - ok
18:24:00.0970 0x06c0  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:24:01.0005 0x06c0  DXGKrnl - ok
18:24:01.0038 0x06c0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:24:01.0184 0x06c0  Eaphost - ok
18:24:01.0186 0x06c0  EasyAntiCheat - ok
18:24:01.0504 0x06c0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:24:01.0909 0x06c0  ebdrv - ok
18:24:02.0000 0x06c0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
18:24:02.0007 0x06c0  EFS - ok
18:24:02.0024 0x06c0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:24:02.0031 0x06c0  EhStorClass - ok
18:24:02.0204 0x06c0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:24:02.0211 0x06c0  EhStorTcgDrv - ok
18:24:02.0234 0x06c0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:24:02.0256 0x06c0  ErrDev - ok
18:24:02.0811 0x06c0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
18:24:03.0054 0x06c0  EventSystem - ok
18:24:03.0283 0x06c0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:24:03.0388 0x06c0  exfat - ok
18:24:03.0458 0x06c0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:24:03.0489 0x06c0  fastfat - ok
18:24:04.0124 0x06c0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:24:04.0172 0x06c0  Fax - ok
18:24:04.0256 0x06c0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:24:04.0350 0x06c0  fdc - ok
18:24:04.0437 0x06c0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:24:04.0509 0x06c0  fdPHost - ok
18:24:04.0551 0x06c0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:24:04.0573 0x06c0  FDResPub - ok
18:24:04.0653 0x06c0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:24:04.0676 0x06c0  fhsvc - ok
18:24:04.0720 0x06c0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:24:04.0727 0x06c0  FileInfo - ok
18:24:04.0767 0x06c0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:24:04.0885 0x06c0  Filetrace - ok
18:24:04.0925 0x06c0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:24:04.0951 0x06c0  flpydisk - ok
18:24:05.0016 0x06c0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:24:05.0028 0x06c0  FltMgr - ok
18:24:05.0217 0x06c0  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:24:05.0272 0x06c0  FontCache - ok
18:24:05.0372 0x06c0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:24:05.0377 0x06c0  FontCache3.0.0.0 - ok
18:24:05.0420 0x06c0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:24:05.0426 0x06c0  FsDepends - ok
18:24:05.0445 0x06c0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:24:05.0452 0x06c0  Fs_Rec - ok
18:24:05.0469 0x06c0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:24:05.0485 0x06c0  fvevol - ok
18:24:05.0490 0x06c0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:24:05.0515 0x06c0  FxPPM - ok
18:24:05.0551 0x06c0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:24:05.0558 0x06c0  gagp30kx - ok
18:24:05.0598 0x06c0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:24:05.0602 0x06c0  GEARAspiWDM - ok
18:24:05.0644 0x06c0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:24:05.0667 0x06c0  gencounter - ok
18:24:05.0795 0x06c0  [ E6057C066C7FECB49D4A27CFC4558C8E, F9E9498D4E924E6169CFDAE7E893B6F26014E9C24B833AE23BBBF9D568CB4057 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:24:05.0818 0x06c0  GfExperienceService - ok
18:24:05.0863 0x06c0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:24:05.0871 0x06c0  GPIOClx0101 - ok
18:24:05.0948 0x06c0  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:24:06.0691 0x06c0  gpsvc - ok
18:24:06.0718 0x06c0  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
18:24:06.0736 0x06c0  HdAudAddService - ok
18:24:06.0751 0x06c0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:24:07.0392 0x06c0  HDAudBus - ok
18:24:07.0434 0x06c0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:24:08.0145 0x06c0  HidBatt - ok
18:24:08.0343 0x06c0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:24:08.0409 0x06c0  HidBth - ok
18:24:08.0576 0x06c0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:24:08.0591 0x06c0  hidi2c - ok
18:24:08.0628 0x06c0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:24:08.0791 0x06c0  HidIr - ok
18:24:08.0833 0x06c0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:24:08.0873 0x06c0  hidserv - ok
18:24:09.0369 0x06c0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:24:09.0433 0x06c0  HidUsb - ok
18:24:09.0522 0x06c0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:24:09.0563 0x06c0  hkmsvc - ok
18:24:09.0592 0x06c0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:24:09.0612 0x06c0  HomeGroupListener - ok
18:24:10.0196 0x06c0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:24:10.0249 0x06c0  HomeGroupProvider - ok
18:24:10.0381 0x06c0  [ E2550FBBBA31E2D4F9757E0A533689F0, 0AE6B0D89E74E57F87A6431D005BFF4213AC4C98A74A7C796894FC2A8D42E0DD ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
18:24:10.0386 0x06c0  HPConnectedRemote - ok
18:24:10.0553 0x06c0  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
18:24:10.0575 0x06c0  hpqwmiex - ok
18:24:10.0592 0x06c0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:24:10.0599 0x06c0  HpSAMD - ok
18:24:10.0629 0x06c0  [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
18:24:10.0634 0x06c0  HPSupportSolutionsFrameworkService - ok
18:24:10.0767 0x06c0  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:24:10.0791 0x06c0  HTTP - ok
18:24:10.0829 0x06c0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:24:10.0835 0x06c0  hwpolicy - ok
18:24:10.0888 0x06c0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:24:10.0904 0x06c0  hyperkbd - ok
18:24:10.0948 0x06c0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:24:10.0991 0x06c0  HyperVideo - ok
18:24:11.0075 0x06c0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:24:11.0142 0x06c0  i8042prt - ok
18:24:11.0191 0x06c0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:24:11.0196 0x06c0  iaLPSSi_GPIO - ok
18:24:11.0212 0x06c0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:24:11.0218 0x06c0  iaLPSSi_I2C - ok
18:24:11.0335 0x06c0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:24:11.0351 0x06c0  iaStorAV - ok
18:24:11.0370 0x06c0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:24:11.0678 0x06c0  iaStorV - ok
18:24:12.0065 0x06c0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:24:12.0069 0x06c0  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:24:14.0382 0x06c0  Detect skipped due to KSN trusted
18:24:14.0382 0x06c0  IDriverT - ok
18:24:14.0384 0x06c0  IEEtwCollectorService - ok
18:24:14.0502 0x06c0  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:24:14.0559 0x06c0  IKEEXT - ok
18:24:14.0620 0x06c0  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
18:24:14.0633 0x06c0  Intel(R) Capability Licensing Service Interface - ok
18:24:14.0682 0x06c0  [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:24:14.0687 0x06c0  Intel(R) ME Service - ok
18:24:14.0730 0x06c0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:24:14.0736 0x06c0  intelide - ok
18:24:14.0781 0x06c0  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:24:14.0787 0x06c0  intelpep - ok
18:24:14.0794 0x06c0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:24:14.0810 0x06c0  intelppm - ok
18:24:14.0826 0x06c0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:24:14.0844 0x06c0  IpFilterDriver - ok
18:24:14.0892 0x06c0  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:24:14.0915 0x06c0  iphlpsvc - ok
18:24:14.0954 0x06c0  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:24:15.0001 0x06c0  IPMIDRV - ok
18:24:15.0006 0x06c0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:24:15.0024 0x06c0  IPNAT - ok
18:24:15.0084 0x06c0  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:24:15.0098 0x06c0  iPod Service - ok
18:24:15.0132 0x06c0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:24:15.0546 0x06c0  IRENUM - ok
18:24:15.0592 0x06c0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:24:15.0853 0x06c0  isapnp - ok
18:24:15.0919 0x06c0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:24:16.0420 0x06c0  iScsiPrt - ok
18:24:16.0485 0x0ce4  Object required for P2P: [ 5CF5E80616F74B769AABCF76FEA791D1 ] avgntflt
18:24:16.0510 0x06c0  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:24:16.0515 0x06c0  jhi_service - ok
18:24:16.0524 0x06c0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:24:16.0530 0x06c0  kbdclass - ok
18:24:16.0566 0x06c0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:24:16.0675 0x06c0  kbdhid - ok
18:24:16.0841 0x06c0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:24:16.0892 0x06c0  kdnic - ok
18:24:16.0900 0x06c0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:24:16.0907 0x06c0  KeyIso - ok
18:24:17.0066 0x06c0  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:24:17.0073 0x06c0  KSecDD - ok
18:24:17.0112 0x06c0  [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:24:17.0120 0x06c0  KSecPkg - ok
18:24:17.0235 0x06c0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:24:17.0252 0x06c0  ksthunk - ok
18:24:17.0358 0x06c0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:24:17.0371 0x06c0  KtmRm - ok
18:24:17.0970 0x06c0  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:24:18.0019 0x06c0  LanmanServer - ok
18:24:18.0122 0x06c0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:24:18.0156 0x06c0  LanmanWorkstation - ok
18:24:18.0234 0x06c0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
18:24:18.0580 0x06c0  lfsvc - ok
18:24:18.0726 0x06c0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:24:18.0760 0x06c0  lltdio - ok
18:24:18.0835 0x06c0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:24:18.0847 0x06c0  lltdsvc - ok
18:24:18.0885 0x06c0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:24:18.0894 0x0ce4  Object send P2P result: true
18:24:18.0894 0x0ce4  Object required for P2P: [ 8B86696A7030DDBD85B64621BD5B9C44 ] Avira.ServiceHost
18:24:18.0918 0x06c0  lmhosts - ok
18:24:18.0944 0x06c0  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:24:18.0950 0x06c0  LMS - ok
18:24:18.0966 0x06c0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:24:18.0973 0x06c0  LSI_SAS - ok
18:24:18.0990 0x06c0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:24:18.0997 0x06c0  LSI_SAS2 - ok
18:24:19.0058 0x06c0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
18:24:19.0065 0x06c0  LSI_SAS3 - ok
18:24:19.0089 0x06c0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:24:19.0096 0x06c0  LSI_SSS - ok
18:24:19.0186 0x06c0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
18:24:19.0326 0x06c0  LSM - ok
18:24:19.0359 0x06c0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:24:19.0402 0x06c0  luafv - ok
18:24:19.0435 0x06c0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:24:19.0441 0x06c0  megasas - ok
18:24:19.0530 0x06c0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:24:19.0563 0x06c0  megasr - ok
18:24:19.0614 0x06c0  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:24:19.0618 0x06c0  MEIx64 - ok
18:24:19.0750 0x06c0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:24:19.0781 0x06c0  MMCSS - ok
18:24:19.0790 0x06c0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:24:20.0120 0x06c0  Modem - ok
18:24:20.0316 0x06c0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:24:20.0586 0x06c0  monitor - ok
18:24:20.0641 0x06c0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:24:20.0647 0x06c0  mouclass - ok
18:24:20.0665 0x06c0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:24:20.0856 0x06c0  mouhid - ok
18:24:20.0937 0x06c0  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:24:20.0944 0x06c0  mountmgr - ok
18:24:21.0301 0x0ce4  Object send P2P result: true
18:24:21.0640 0x06c0  [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:24:21.0647 0x06c0  MozillaMaintenance - ok
18:24:21.0735 0x06c0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:24:21.0840 0x06c0  mpsdrv - ok
18:24:22.0460 0x06c0  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:24:22.0556 0x06c0  MpsSvc - ok
18:24:22.0654 0x06c0  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:24:22.0726 0x06c0  MRxDAV - ok
18:24:22.0852 0x06c0  [ 5F2BB54E0223E46646789E90BB4CCD81, 44D5983512688D3C36D66C1D9EFFEED91A2CA5FDB3B106E313015082C72E344D ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:24:22.0993 0x06c0  mrxsmb - ok
18:24:23.0110 0x06c0  [ C83AF14432DF58324FBC2E80A5E42AB5, 63281C114CD9F4BDC80ED5DEE0578C0084DBE10D34DD2103F3BDEB2AF9AB757E ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:24:23.0176 0x06c0  mrxsmb10 - ok
18:24:23.0228 0x06c0  [ 9EFBEC37E87DB6C9E791075987AAB413, 9533F54C494FBD8868A2A973EA956C22E3C1AD9FA79C4F6A2C43F2CAB14DB9D4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:24:23.0283 0x06c0  mrxsmb20 - ok
18:24:23.0308 0x06c0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:24:23.0343 0x06c0  MsBridge - ok
18:24:23.0406 0x06c0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:24:23.0414 0x06c0  MSDTC - ok
18:24:23.0435 0x06c0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:24:23.0459 0x06c0  Msfs - ok
18:24:23.0509 0x06c0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:24:23.0515 0x06c0  msgpiowin32 - ok
18:24:23.0524 0x06c0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:24:23.0561 0x06c0  mshidkmdf - ok
18:24:23.0580 0x06c0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:24:23.0596 0x06c0  mshidumdf - ok
18:24:23.0608 0x06c0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:24:23.0614 0x06c0  msisadrv - ok
18:24:23.0657 0x06c0  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:24:23.0682 0x06c0  MSiSCSI - ok
18:24:23.0684 0x06c0  msiserver - ok
18:24:23.0698 0x06c0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:24:23.0706 0x06c0  MSKSSRV - ok
18:24:23.0720 0x06c0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:24:23.0751 0x06c0  MsLldp - ok
18:24:23.0789 0x06c0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:24:23.0796 0x06c0  MSPCLOCK - ok
18:24:23.0799 0x06c0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:24:23.0850 0x06c0  MSPQM - ok
18:24:23.0872 0x06c0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:24:23.0884 0x06c0  MsRPC - ok
18:24:23.0889 0x06c0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:24:23.0895 0x06c0  mssmbios - ok
18:24:23.0945 0x06c0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:24:23.0967 0x06c0  MSTEE - ok
18:24:23.0977 0x06c0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:24:23.0997 0x06c0  MTConfig - ok
18:24:24.0012 0x06c0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:24:24.0019 0x06c0  Mup - ok
18:24:24.0068 0x06c0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:24:24.0075 0x06c0  mvumis - ok
18:24:24.0128 0x06c0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:24:24.0154 0x06c0  napagent - ok
18:24:24.0205 0x06c0  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:24:24.0247 0x06c0  NativeWifiP - ok
18:24:52.0749 0x06c0  [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:24:52.0915 0x06c0  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
18:24:55.0230 0x06c0  Detect skipped due to KSN trusted
18:24:55.0230 0x06c0  STacSV - ok
18:25:05.0169 0x06c0  upnphost - ok
18:25:05.0272 0x06c0  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:25:05.0302 0x06c0  USBAAPL64 - ok
18:25:05.0311 0x06c0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:25:05.0319 0x06c0  usbccgp - ok
18:25:05.0405 0x06c0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:25:05.0583 0x06c0  usbcir - ok
18:25:06.0011 0x06c0  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:25:06.0018 0x06c0  usbehci - ok
18:25:06.0151 0x06c0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:25:06.0166 0x06c0  usbhub - ok
18:25:06.0240 0x06c0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:25:06.0255 0x06c0  USBHUB3 - ok
18:25:06.0351 0x06c0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:25:06.0413 0x06c0  usbohci - ok
18:25:06.0434 0x06c0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:25:06.0537 0x06c0  usbprint - ok
18:25:06.0619 0x06c0  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:25:06.0627 0x06c0  USBSTOR - ok
18:25:06.0689 0x06c0  [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP        C:\WINDOWS\System32\drivers\tinspusb.sys
18:25:06.0733 0x06c0  USBTINSP - ok
18:25:06.0770 0x06c0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:25:06.0793 0x06c0  usbuhci - ok
18:25:06.0880 0x06c0  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:25:06.0955 0x06c0  usbvideo - ok
18:25:06.0992 0x06c0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:25:07.0003 0x06c0  USBXHCI - ok
18:25:07.0019 0x06c0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:25:07.0026 0x06c0  VaultSvc - ok
18:25:07.0061 0x06c0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:25:07.0067 0x06c0  vdrvroot - ok
18:25:07.0174 0x06c0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
18:25:07.0517 0x06c0  vds - ok
18:25:07.0739 0x06c0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:25:07.0747 0x06c0  VerifierExt - ok
18:25:08.0208 0x06c0  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:25:08.0224 0x06c0  vhdmp - ok
18:25:08.0347 0x06c0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:25:08.0353 0x06c0  viaide - ok
18:25:08.0981 0x06c0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:25:08.0988 0x06c0  vmbus - ok
18:25:09.0044 0x06c0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:25:09.0052 0x06c0  VMBusHID - ok
18:25:09.0147 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:25:09.0217 0x06c0  vmicguestinterface - ok
18:25:09.0647 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:25:09.0660 0x06c0  vmicheartbeat - ok
18:25:09.0883 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:25:09.0896 0x06c0  vmickvpexchange - ok
18:25:09.0968 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:25:09.0981 0x06c0  vmicrdv - ok
18:25:10.0048 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:25:10.0061 0x06c0  vmicshutdown - ok
18:25:10.0127 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:25:10.0141 0x06c0  vmictimesync - ok
18:25:10.0276 0x06c0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:25:10.0289 0x06c0  vmicvss - ok
18:25:10.0319 0x06c0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:25:10.0325 0x06c0  volmgr - ok
18:25:10.0401 0x06c0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:25:10.0413 0x06c0  volmgrx - ok
18:25:10.0575 0x06c0  [ D537962695CAFEC1301F3EB7C8C3A1D2, 76FBEE866C4191E43B232B7ED34CB1FC1603C15F930EBBC5EFC6EA4B4500E1E8 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:25:10.0587 0x06c0  volsnap - ok
18:25:10.0643 0x06c0  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:25:10.0649 0x06c0  vpci - ok
18:25:10.0680 0x06c0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:25:10.0689 0x06c0  vsmraid - ok
18:25:10.0804 0x06c0  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
18:25:10.0865 0x06c0  VSS - ok
18:25:10.0909 0x06c0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:25:10.0920 0x06c0  VSTXRAID - ok
18:25:10.0956 0x06c0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:25:11.0007 0x06c0  vwifibus - ok
18:25:11.0046 0x06c0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:25:11.0079 0x06c0  W32Time - ok
18:25:11.0159 0x06c0  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:25:11.0185 0x06c0  w3logsvc - ok
18:25:11.0193 0x06c0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:25:11.0205 0x06c0  WacomPen - ok
18:25:11.0222 0x06c0  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:25:11.0244 0x06c0  Wanarp - ok
18:25:11.0247 0x06c0  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:25:11.0254 0x06c0  Wanarpv6 - ok
18:25:11.0302 0x06c0  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:25:11.0330 0x06c0  WAS - ok
18:25:11.0375 0x06c0  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:25:11.0461 0x06c0  wbengine - ok
18:25:11.0507 0x06c0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:25:11.0547 0x06c0  WbioSrvc - ok
18:25:11.0564 0x06c0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:25:11.0577 0x06c0  Wcmsvc - ok
18:25:11.0590 0x06c0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:25:11.0604 0x06c0  wcncsvc - ok
18:25:11.0610 0x06c0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:25:11.0700 0x06c0  WcsPlugInService - ok
18:25:11.0736 0x06c0  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:25:11.0743 0x06c0  WdBoot - ok
18:25:11.0791 0x06c0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:25:11.0809 0x06c0  Wdf01000 - ok
18:25:11.0836 0x06c0  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:25:11.0846 0x06c0  WdFilter - ok
18:25:11.0861 0x06c0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:25:11.0870 0x06c0  WdiServiceHost - ok
18:25:11.0874 0x06c0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:25:11.0882 0x06c0  WdiSystemHost - ok
18:25:11.0895 0x06c0  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:25:11.0902 0x06c0  WdNisDrv - ok
18:25:11.0938 0x06c0  WdNisSvc - ok
18:25:11.0980 0x06c0  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:25:12.0040 0x06c0  WebClient - ok
18:25:12.0055 0x06c0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:25:12.0066 0x06c0  Wecsvc - ok
18:25:12.0086 0x06c0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:25:12.0110 0x06c0  WEPHOSTSVC - ok
18:25:12.0129 0x06c0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:25:12.0162 0x06c0  wercplsupport - ok
18:25:12.0179 0x06c0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:25:12.0200 0x06c0  WerSvc - ok
18:25:12.0235 0x06c0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:25:12.0242 0x06c0  WFPLWFS - ok
18:25:12.0246 0x06c0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:25:12.0275 0x06c0  WiaRpc - ok
18:25:12.0311 0x06c0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:25:12.0317 0x06c0  WIMMount - ok
18:25:12.0318 0x06c0  WinDefend - ok
18:25:12.0392 0x06c0  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:25:12.0428 0x06c0  WinHttpAutoProxySvc - ok
18:25:12.0485 0x06c0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:25:12.0519 0x06c0  Winmgmt - ok
18:25:12.0599 0x06c0  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:25:12.0713 0x06c0  WinRM - ok
18:25:12.0773 0x06c0  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUSB.SYS
18:25:12.0816 0x06c0  WinUsb - ok
18:25:12.0850 0x06c0  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:25:12.0888 0x06c0  WlanSvc - ok
18:25:12.0935 0x06c0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:25:12.0972 0x06c0  wlidsvc - ok
18:25:13.0014 0x06c0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:25:13.0021 0x06c0  WmiAcpi - ok
18:25:13.0045 0x06c0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:25:13.0054 0x06c0  wmiApSrv - ok
18:25:13.0091 0x06c0  WMPNetworkSvc - ok
18:25:13.0100 0x06c0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:25:13.0109 0x06c0  Wof - ok
18:25:13.0173 0x06c0  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:25:13.0224 0x06c0  workfolderssvc - ok
18:25:13.0266 0x06c0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:25:13.0273 0x06c0  wpcfltr - ok
18:25:13.0291 0x06c0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:25:13.0306 0x06c0  WPCSvc - ok
18:25:13.0321 0x06c0  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:25:13.0338 0x06c0  WPDBusEnum - ok
18:25:13.0346 0x06c0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:25:13.0352 0x06c0  WpdUpFltr - ok
18:25:13.0388 0x06c0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:25:13.0396 0x06c0  ws2ifsl - ok
18:25:13.0421 0x06c0  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:25:13.0435 0x06c0  wscsvc - ok
18:25:13.0454 0x06c0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:25:13.0461 0x06c0  WSDPrintDevice - ok
18:25:13.0463 0x06c0  WSearch - ok
18:25:13.0546 0x06c0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
18:25:13.0630 0x06c0  WSService - ok
18:25:13.0725 0x06c0  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:25:13.0848 0x06c0  wuauserv - ok
18:25:13.0890 0x06c0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:25:13.0904 0x06c0  WudfPf - ok
18:25:13.0919 0x06c0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:25:13.0928 0x06c0  WUDFRd - ok
18:25:13.0934 0x06c0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:25:13.0942 0x06c0  WUDFSensorLP - ok
18:25:13.0982 0x06c0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:25:13.0990 0x06c0  wudfsvc - ok
18:25:13.0995 0x06c0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:25:14.0004 0x06c0  WUDFWpdFs - ok
18:25:14.0009 0x06c0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:25:14.0017 0x06c0  WUDFWpdMtp - ok
18:25:14.0064 0x06c0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:25:14.0079 0x06c0  WwanSvc - ok
18:25:14.0094 0x06c0  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
18:25:14.0112 0x06c0  xusb22 - ok
18:25:14.0131 0x06c0  [ 18B6869E23937175144E6F1D3CB85FC2, CB04A3948951F2D7943DCDDD5A7894B50B1C1DC0F0629ECCA652F66E20D2015B ] ZDCNDIS6a64     C:\windows\system32\ZDCNDIS6a64.sys
18:25:14.0137 0x06c0  ZDCNDIS6a64 - ok
18:25:14.0140 0x06c0  ================ Scan global ===============================
18:25:14.0270 0x06c0  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
18:25:14.0315 0x06c0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
18:25:14.0355 0x06c0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
18:25:14.0397 0x06c0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
18:25:14.0402 0x06c0  [ Global ] - ok
18:25:14.0402 0x06c0  ================ Scan MBR ==================================
18:25:14.0410 0x06c0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:25:14.0493 0x06c0  \Device\Harddisk0\DR0 - ok
18:25:14.0493 0x06c0  ================ Scan VBR ==================================
18:25:14.0514 0x06c0  [ 81D10884DEA288B14839DF64225FE362 ] \Device\Harddisk0\DR0\Partition1
18:25:14.0570 0x06c0  \Device\Harddisk0\DR0\Partition1 - ok
18:25:14.0577 0x06c0  [ AE8E92C89E0B9F6B2309E85E1D6FBB80 ] \Device\Harddisk0\DR0\Partition2
18:25:14.0626 0x06c0  \Device\Harddisk0\DR0\Partition2 - ok
18:25:14.0632 0x06c0  [ F88D23DA637CE73862A3400B604B061B ] \Device\Harddisk0\DR0\Partition3
18:25:14.0633 0x06c0  \Device\Harddisk0\DR0\Partition3 - ok
18:25:14.0642 0x06c0  [ 1C0568145FD40C174A795AB95610A56F ] \Device\Harddisk0\DR0\Partition4
18:25:14.0734 0x06c0  \Device\Harddisk0\DR0\Partition4 - ok
18:25:14.0763 0x06c0  [ 569F17A39108C5852D740DEA65668D9C ] \Device\Harddisk0\DR0\Partition5
18:25:14.0764 0x06c0  \Device\Harddisk0\DR0\Partition5 - ok
18:25:14.0772 0x06c0  [ 0370475E55D6022E2AE80397CED8335B ] \Device\Harddisk0\DR0\Partition6
18:25:14.0773 0x06c0  \Device\Harddisk0\DR0\Partition6 - ok
18:25:14.0774 0x06c0  ================ Scan generic autorun ======================
18:25:14.0800 0x06c0  [ 96A1D93D16F959C6F5A63E749A9F2EF7, 9EDD4EEC5C625ECF4A1C82318ED6B74404E63A3D43312B53E4F627D76D47658C ] C:\Program Files\IDT\WDM\beats64.exe
18:25:14.0805 0x06c0  BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 )
18:25:16.0352 0x1b50  Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp
18:25:17.0122 0x06c0  Detect skipped due to KSN trusted
18:25:17.0122 0x06c0  BeatsOSDApp - ok
18:25:17.0179 0x06c0  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
18:25:17.0194 0x06c0  XboxStat - ok
18:25:17.0270 0x06c0  [ 4A57AB2D5E3624D63E7F8854C79F3D8C, 2637E8933193F10BC8CD893EE0CCF7ABF7A7B32A2278EFE95D958FDAD3794696 ] C:\Program Files\IDT\WDM\sttray64.exe
18:25:17.0304 0x06c0  SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
18:25:18.0759 0x1b50  Object send P2P result: true
18:25:18.0763 0x1b50  Object required for P2P: [ 3FA65FFED10B9191C6381A6D86D4C367 ] nvsvc
18:25:19.0617 0x06c0  Detect skipped due to KSN trusted
18:25:19.0617 0x06c0  SysTrayApp - ok
18:25:19.0737 0x06c0  [ EEE565252F4585B2DD840C8CE871C6C0, AF1FBA9CBBA218F1C511282242A647AC3462D1D83FA9209F1FEBFBD39E68FC2F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:25:19.0786 0x06c0  NvBackend - ok
18:25:19.0810 0x06c0  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
18:25:19.0857 0x06c0  ShadowPlay - ok
18:25:19.0886 0x06c0  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:25:19.0893 0x06c0  iTunesHelper - ok
18:25:20.0027 0x06c0  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
18:25:20.0033 0x06c0  CLMLServer_For_P2G8 - ok
18:25:20.0051 0x06c0  [ B35B97FC934A9A7D02232094128CD636, 08F9E36F7DB86325986712210DF1B235DAC4F76FB599D2756E863A9FAFEBD57B ] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
18:25:20.0062 0x06c0  CLVirtualDrive - ok
18:25:20.0114 0x06c0  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:25:20.0130 0x06c0  avgnt - ok
18:25:20.0208 0x06c0  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
18:25:20.0213 0x06c0  HP Software Update - ok
18:25:20.0344 0x06c0  [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe
18:25:20.0413 0x06c0  Steam - ok
18:25:20.0525 0x06c0  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
18:25:20.0573 0x06c0  HP Deskjet 3050A J611 series (NET) - ok
18:25:20.0916 0x06c0  [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:25:20.0977 0x06c0  Spotify Web Helper - ok
18:25:21.0121 0x06c0  [ 96C06D6C65559D1B7D6C5A62288725EE, 61CCCA9248742414AAE8973DF121CE2E7EC1385D219E3F3D306EAA3A2989C28C ] C:\Users\André\AppData\Roaming\Spotify\Spotify.exe
18:25:21.0173 0x1b50  Object send P2P result: true
18:25:21.0181 0x1b50  Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt
18:25:21.0290 0x06c0  Spotify - ok
18:25:21.0319 0x06c0  Skype - ok
18:25:21.0482 0x06c0  [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe
18:25:21.0653 0x06c0  CCleaner Monitoring - ok
18:25:21.0719 0x06c0  [ BF8A25CE852A1F083367A8D014B36B6F, F8B40EF17912CB333384BB3E5546A62B3849F752929A893CB07B21C66AFE96F4 ] C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe
18:25:21.0745 0x06c0  faraday-84 - detected UnsignedFile.Multi.Generic ( 1 )
18:25:23.0581 0x1b50  Object send P2P result: true
18:25:24.0187 0x06c0  faraday-84 ( UnsignedFile.Multi.Generic ) - warning
18:25:26.0009 0x06fc  Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe
18:25:26.0531 0x06c0  Waiting for KSN requests completion. In queue: 5
18:25:27.0533 0x06c0  Waiting for KSN requests completion. In queue: 5
18:25:28.0417 0x06fc  Object send P2P result: true
18:25:28.0417 0x06fc  Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:25:28.0534 0x06c0  Waiting for KSN requests completion. In queue: 3
18:25:29.0534 0x06c0  Waiting for KSN requests completion. In queue: 3
18:25:30.0535 0x06c0  Waiting for KSN requests completion. In queue: 3
18:25:30.0840 0x06fc  Object send P2P result: true
18:25:30.0840 0x06fc  Object required for P2P: [ 96C06D6C65559D1B7D6C5A62288725EE ] C:\Users\André\AppData\Roaming\Spotify\Spotify.exe
18:25:31.0535 0x06c0  Waiting for KSN requests completion. In queue: 2
18:25:32.0535 0x06c0  Waiting for KSN requests completion. In queue: 2
18:25:33.0265 0x06fc  Object send P2P result: true
18:25:33.0549 0x06c0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
18:25:33.0549 0x06c0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:25:33.0557 0x06c0  Win FW state via NFP2: enabled ( trusted )
18:25:35.0903 0x06c0  ============================================================
18:25:35.0903 0x06c0  Scan finished
18:25:35.0903 0x06c0  ============================================================
18:25:35.0907 0x03d4  Detected object count: 1
18:25:35.0907 0x03d4  Actual detected object count: 1
18:26:50.0825 0x03d4  faraday-84 ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:50.0825 0x03d4  faraday-84 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


10.05.2016, 19:10   #6
M-K-D-B
/// TB Trainer

Hi,

you are infected with a trojan that spies on online banking. No more online transactions, please!

Step 1
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1
C:\Users\André\AppData\Roaming\faraday-1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
C:\ProgramData\componet-66
C:\Users\André\AppData\Roaming\scsi2-13
C:\ProgramData\uum
RemoveProxy:
EmptyTemp:
end
         

Save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Step 2
  • Start FRST.exe again. Put a check mark in front of Addition.txt and click Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

Please post with your next reply
  • the log file of the FRST fix,
  • the two new log files from FRST.

10.05.2016, 19:44   #7
Chronos5896

Hey, thanks for your help! Here are the log files now!
I still have one question, though: you wrote "No more online transactions, please!", but that only applies while the trojan is still there? After that everything is fine again, right? Unfortunately I am very cautious when I get warned!

Fixlog
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-10 20:28:44) Run:1
Gestartet von C:\Users\André\Desktop
Geladene Profile: André (Verfügbare Profile: André)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1
C:\Users\André\AppData\Roaming\faraday-1
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] ()
C:\ProgramData\componet-66
C:\Users\André\AppData\Roaming\scsi2-13
C:\ProgramData\uum
RemoveProxy:
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\faraday-84 => Wert nicht gefunden.
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun => Wert erfolgreich entfernt
"C:\Users\André\AppData\Roaming\faraday-1" => nicht gefunden.
HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\RunOnce\\faraday-84 => Wert nicht gefunden.
C:\ProgramData\componet-66 => erfolgreich verschoben
C:\Users\André\AppData\Roaming\scsi2-13 => erfolgreich verschoben
C:\ProgramData\uum => erfolgreich verschoben

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========

EmptyTemp: => 1 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:29:08 ====
         
FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 20:33:06)
Gestartet von C:\Users\André\Desktop
Geladene Profile: André (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Users\André\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
ShortcutTarget: scsi2-6.lnk -> C:\FRST\Quarantine\C\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 20:30 - 2016-05-10 20:31 - 00000000 ____D C:\ProgramData\uum
2016-05-10 20:28 - 2016-05-10 20:29 - 00002586 _____ C:\Users\André\Desktop\Fixlog.txt
2016-05-10 18:38 - 2016-05-10 20:29 - 00000000 ____D C:\ProgramData\algae-0
2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt
2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt
2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe
2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe
2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe
2016-05-10 16:50 - 2016-05-10 16:54 - 00083169 _____ C:\Users\André\Desktop\Addition.txt
2016-05-10 16:49 - 2016-05-10 20:34 - 00022099 _____ C:\Users\André\Desktop\FRST.txt
2016-05-10 16:38 - 2016-05-10 18:04 - 00082755 _____ C:\Users\André\Downloads\Addition.txt
2016-05-10 16:33 - 2016-05-10 18:04 - 00057627 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-10 20:33 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-10 20:30 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-10 20:32 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db
2016-05-10 20:30 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-10 20:30 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db
2016-05-10 20:30 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-10 20:30 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp
2016-05-10 20:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-10 19:42 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001
2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2016-05-10 16:37 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives
2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg
2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251}
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net
2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client
2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ
2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify
2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify
2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper
2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games
2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups!
2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO
2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft
2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS
2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client
2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini
2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini
2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini
2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini
2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini
2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini
2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg
2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\André\Arcanum4.dat
C:\Users\André\Arcanum5.dat
C:\Users\André\Arcanum6.dat


Einige Dateien in TEMP:
====================
C:\Users\André\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-06 14:22

==================== Ende von FRST.txt ============================
         

10.05.2016, 19:45   #8
Chronos5896
 



Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-10 20:34:25)
Gestartet von C:\Users\André\Desktop
Windows 8.1 (X64) (2015-01-31 20:32:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled)
André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André
Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version:  - Treyarch)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cosmic DJ (HKLM\...\Steam App 297110) (Version:  - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version:  - Just Add Water (Developments), Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version:  - DPad Studios)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {2C070C45-DDCC-4C2E-AABF-5FE429D98BD1} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC)
Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated)
Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender
Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe
Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: WeGameClientService => 2
HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BF2Hub Client"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900
FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869
FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{8447CB76-1E1A-4652-8F66-88A1224E76FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{82D905D9-6316-4F94-8EF1-DE72C857E929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{ADE8712D-097D-4CAB-B06D-30469C9D1E44}] => (Allow) LPort=53000
FirewallRules: [{129C15C6-B9F1-4A79-A073-88AA5E349D67}] => (Allow) LPort=52000

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000638b
ID des fehlerhaften Prozesses: 0x78c
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x17a4
Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0
Pfad der fehlerhaften Anwendung: avcenter.exe1
Pfad des fehlerhaften Moduls: avcenter.exe2
Berichtskennung: avcenter.exe3
Vollständiger Name des fehlerhaften Pakets: avcenter.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5

Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000649b
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 134

Startzeit: 01d1aac5e6629c16

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin

Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c18

Startzeit: 01d1aac2ba88ef09

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0
Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1
Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2
Berichtskennung: HPConnectedRemoteService.exe3
Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5

Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPConnectedRemoteService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
   bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   bei System.Management.SinkForEventQuery.Cancel()
   bei System.Management.ManagementEventWatcher.Stop()
   bei HP.Seeker.ProcessMonitor.StopProcessWatchers()
   bei HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   bei HP.Seeker.HPSeekerSwitchboard.StartUserService()
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/05/2016 07:38:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\3992CCA085027EB4A929D9DCAAB94321\SourceList".


Systemfehler:
=============
Error: (05/10/2016 08:32:55 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 08:32:54 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 08:29:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/10/2016 08:28:51 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 08:28:51 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2013-08-19 13:11:11.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8147.35 MB
Verfügbarer physikalischer RAM: 5101.02 MB
Summe virtueller Speicher: 12499.35 MB
Verfügbarer virtueller Speicher: 8801.29 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:95.47 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

11.05.2016, 16:10   #9
M-K-D-B
/// TB Trainer

Windows 8: Trojan unknown to me found by Avira

Hello,

Yes, that only applies during the cleanup.

You ran AdwCleaner? Please post the log file for it. Why didn't you mention that?

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" 
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
C\Users\André\AppData\Roaming\scsi2-13
C:\ProgramData\algae-0
C:\ProgramData\uum
C:\Users\André\Downloads\* CHIP-Installer.exe
C:\Users\André\Arcanum4.dat
C:\Users\André\Arcanum5.dat
C:\Users\André\Arcanum6.dat
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Step 2
  • Start FRST.exe again. Tick the box next to Addition.txt and click Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

Please post with your next reply
  • the log file of the FRST fix,
  • the two new log files from FRST.
__________________
Greetings from Bavaria
M-K-D-B
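
A pre-flight check for a fixlist such as the one in Step 1 above, as an added example (not part of the original post and not FRST's own code). It assumes only the entry forms visible in this thread, which is not FRST's full syntax, and flags path entries whose drive letter has no colon; all function and constant names are hypothetical.

```python
import re

# Constructed sample: a shortened copy of the fixlist posted in Step 1.
SAMPLE_FIXLIST = r"""start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe"
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
C\Users\André\AppData\Roaming\scsi2-13
C:\ProgramData\algae-0
C:\ProgramData\uum
C:\Users\André\Downloads\* CHIP-Installer.exe
EmptyTemp:
end
"""

# Entry forms seen in this thread (assumption: not FRST's complete syntax).
MARKERS = ("start", "end")
DIRECTIVE = re.compile(r"^[A-Za-z]+:$")                # CloseProcesses:  EmptyTemp:
REGISTRY = re.compile(r"^HK(LM|U|CU|CR)(-x32)?\\")     # registry entries
PREFIXED = re.compile(r"^[A-Za-z][A-Za-z0-9 ]*: (?P<value>\S.*)$")  # Startup: C:\...
DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")               # absolute file or folder path
NO_COLON = re.compile(r"^[A-Za-z]\\")                  # drive letter, ':' missing


def classify(line):
    """Return (kind, problem); problem is None when the entry looks well formed."""
    if line in MARKERS:
        return "marker", None
    if DIRECTIVE.match(line):
        return "directive", None
    if REGISTRY.match(line):
        return "registry", None
    prefixed = PREFIXED.match(line)
    value = prefixed.group("value") if prefixed else line
    if DRIVE_PATH.match(value):
        return "path", None
    if NO_COLON.match(value):
        fixed = value[0] + ":" + value[1:]
        return "path", "drive letter without ':'; expected " + fixed
    if prefixed:
        return "prefixed", None
    return "unknown", "entry form not seen in this thread"


def lint_fixlist(text):
    """Return a list of (line_number, line, problem) for a fixlist text."""
    lines = [(n, raw.strip())
             for n, raw in enumerate(text.splitlines(), 1) if raw.strip()]
    if not lines:
        return [(0, "", "empty fixlist")]
    findings = []
    if lines[0][1] != "start":
        findings.append((lines[0][0], lines[0][1], "first line is not 'start'"))
    if lines[-1][1] != "end":
        findings.append((lines[-1][0], lines[-1][1], "last line is not 'end'"))
    for number, line in lines:
        _kind, problem = classify(line)
        if problem:
            findings.append((number, line, problem))
    return findings


if __name__ == "__main__":
    for number, line, problem in lint_fixlist(SAMPLE_FIXLIST):
        print("line %d: %s\n    %s" % (number, line, problem))
```

On the sample it reports line 5, the entry for which the Fixlog later in the thread records "Fehler: Kein automatisierter Fix für diesen Eintrag gefunden."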


11.05.2016, 16:33   #10
Chronos5896

Windows 8: Trojan unknown to me found by Avira

Hey!
Here are the logs! And of course I can post the ADWCleaner logs for you, I just don't know where they are or where they get saved! Also, I ran TDSSKiller again and it found 2 more "anomalies". However, the TDSSKiller log is too large. Should I send it as an attachment, or is that not necessary?

FRST fix

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-11 17:15:19) Run:2
Gestartet von C:\Users\André\Desktop
Geladene Profile: André (Verfügbare Profile: André)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" 
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" 
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10]
C\Users\André\AppData\Roaming\scsi2-13
C:\ProgramData\algae-0
C:\ProgramData\uum
C:\Users\André\Downloads\* CHIP-Installer.exe
C:\Users\André\Arcanum4.dat
C:\Users\André\Arcanum5.dat
C:\Users\André\Arcanum6.dat
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
"HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4314a68d-f93b-11e3-bef5-b4b52fc7b10a}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{4314a68d-f93b-11e3-bef5-b4b52fc7b10a} => Schlüssel nicht gefunden. 
"HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fad102a-54d2-11e2-be6d-806e6f6e6963}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{8fad102a-54d2-11e2-be6d-806e6f6e6963} => Schlüssel nicht gefunden. 
C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk => nicht gefunden.
C\Users\André\AppData\Roaming\scsi2-13 => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
"C:\ProgramData\algae-0" => nicht gefunden.
C:\ProgramData\uum => erfolgreich verschoben

=========== "C:\Users\André\Downloads\* CHIP-Installer.exe" ==========

C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\André\Downloads\* CHIP-Installer.exe" ========

C:\Users\André\Arcanum4.dat => erfolgreich verschoben
C:\Users\André\Arcanum5.dat => erfolgreich verschoben
C:\Users\André\Arcanum6.dat => erfolgreich verschoben
EmptyTemp: => 373.1 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:15:30 ====
         
FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (11-05-2016 17:20:22)
Gestartet von C:\Users\André\Desktop
Geladene Profile: André (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\André\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11]
ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 17:17 - 2016-05-11 17:17 - 00000000 ____D C:\ProgramData\uum
2016-05-11 15:05 - 2016-05-11 15:05 - 00000000 ____D C:\Users\André\AppData\Roaming\lvecl-7
2016-05-11 15:03 - 2016-05-11 15:03 - 00000000 ____D C:\ProgramData\lvecl-74
2016-05-11 11:25 - 2016-05-11 11:25 - 00000000 ____D C:\ProgramData\kelvin-2
2016-05-11 11:01 - 2016-05-11 11:01 - 130070296 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert(1).exe
2016-05-11 10:54 - 2016-05-11 11:11 - 00120270 _____ C:\Users\André\Desktop\TDSSKILELR.txt
2016-05-11 10:52 - 2016-05-11 10:52 - 00000000 _____ C:\Users\André\Desktop\adsada.txt
2016-05-11 10:49 - 2016-05-11 11:10 - 00240630 _____ C:\TDSSKiller.3.1.0.9_11.05.2016_10.49.39_log.txt
2016-05-10 20:28 - 2016-05-11 17:15 - 00002420 _____ C:\Users\André\Desktop\Fixlog.txt
2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt
2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt
2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe
2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe
2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe
2016-05-10 16:50 - 2016-05-10 20:35 - 00080371 _____ C:\Users\André\Desktop\Addition.txt
2016-05-10 16:49 - 2016-05-11 17:20 - 00022237 _____ C:\Users\André\Desktop\FRST.txt
2016-05-10 16:38 - 2016-05-11 15:00 - 00080908 _____ C:\Users\André\Downloads\Addition.txt
2016-05-10 16:33 - 2016-05-11 15:00 - 00054665 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-11 17:20 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-11 17:17 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 17:19 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db
2016-05-11 17:17 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db
2016-05-11 17:17 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-11 17:16 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-11 17:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-11 17:15 - 2015-01-31 22:04 - 00000000 ____D C:\Users\André
2016-05-11 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-11 16:00 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-11 14:55 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives
2016-05-11 14:51 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251}
2016-05-11 10:58 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001
2016-05-10 21:20 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net
2016-05-10 20:59 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp
2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg
2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client
2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ
2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify
2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify
2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper
2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups!
2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO
2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft
2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS
2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client
2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini
2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini
2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini
2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini
2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini
2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini
2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg
2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\André\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-10 21:06

==================== Ende von FRST.txt ============================
         

Edited by Chronos5896 (11.05.2016 at 16:37). Reason: Correction

11.05.2016, 16:35   #11
Chronos5896

Windows 8: Trojan unknown to me found by Avira


Addition

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-11 17:23:00)
Gestartet von C:\Users\André\Desktop
Windows 8.1 (X64) (2015-01-31 20:32:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled)
André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André
Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version:  - Treyarch)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cosmic DJ (HKLM\...\Steam App 297110) (Version:  - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version:  - Just Add Water (Developments), Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version:  - DPad Studios)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated)
Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender
Task: {C1A2FCF6-99E3-4AE2-9EA2-48A2DE8E20AC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC)
Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe
Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-30 15:30 - 2012-07-30 15:30 - 00453744 ____N () C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2014-12-10 19:08 - 2016-04-26 12:38 - 00120912 _____ () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: WeGameClientService => 2
HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BF2Hub Client"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900
FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869
FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{9CF03B3A-02D5-46EC-847C-B86C6D0FD8C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{832A744E-84A5-4E7D-96D3-870816E7DCF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4960FF1E-13FB-4F4A-8842-D66DD000EB40}] => (Allow) LPort=53000
FirewallRules: [{C4B68FC8-AB08-477B-A699-8C1096FB3B7C}] => (Allow) LPort=52000

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/11/2016 02:59:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64(1).exe, Version 9.5.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c74

Startzeit: 01d1ab84b3f55f5e

Endzeit: 4294967295

Anwendungspfad: C:\Users\André\Downloads\FRST64(1).exe

Berichts-ID: 21af9b2c-1778-11e6-bf76-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000638b
ID des fehlerhaften Prozesses: 0x78c
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x17a4
Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0
Pfad der fehlerhaften Anwendung: avcenter.exe1
Pfad des fehlerhaften Moduls: avcenter.exe2
Berichtskennung: avcenter.exe3
Vollständiger Name des fehlerhaften Pakets: avcenter.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5

Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000649b
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 134

Startzeit: 01d1aac5e6629c16

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin

Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c18

Startzeit: 01d1aac2ba88ef09

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0
Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1
Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2
Berichtskennung: HPConnectedRemoteService.exe3
Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5

Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPConnectedRemoteService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
   bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   bei System.Management.SinkForEventQuery.Cancel()
   bei System.Management.ManagementEventWatcher.Stop()
   bei HP.Seeker.ProcessMonitor.StopProcessWatchers()
   bei HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   bei HP.Seeker.HPSeekerSwitchboard.StartUserService()
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".


Systemfehler:
=============
Error: (05/11/2016 05:19:30 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:19:22 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:15:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2013-08-19 13:11:11.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 8147.35 MB
Verfügbarer physikalischer RAM: 5156.43 MB
Summe virtueller Speicher: 12499.35 MB
Verfügbarer virtueller Speicher: 9244.32 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:90.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:1.86 GB) (Free:0.32 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288)

Partition: GPT.

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 000A4BAE)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

11.05.2016, 16:55   #12
M-K-D-B
/// TB Trainer
 

Hi,


yes, please include the TDSS-Killer log file as an attachment.


The FRST log file is completely shifted line by line; did you change something there? Like this, the log file is very hard to read.
__________________
Greetings from Bavaria
M-K-D-B


11.05.2016, 17:01   #13
Chronos5896
 

Oops? Okay, then I'll do another run with FRST!

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von André (Administrator) auf ANDRÉ-PC (11-05-2016 17:57:20)
Gestartet von C:\Users\André\Desktop
Geladene Profile: André (Verfügbare Profile: André)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard )
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation)
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11]
ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.)
BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab
DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18]
FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18]
FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25]
FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28]
FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] ()
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.)
S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))
S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA))

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 17:17 - 2016-05-11 17:38 - 00000000 ____D C:\ProgramData\uum
2016-05-11 15:05 - 2016-05-11 15:05 - 00000000 ____D C:\Users\André\AppData\Roaming\lvecl-7
2016-05-11 15:03 - 2016-05-11 15:03 - 00000000 ____D C:\ProgramData\lvecl-74
2016-05-11 11:25 - 2016-05-11 11:25 - 00000000 ____D C:\ProgramData\kelvin-2
2016-05-11 11:01 - 2016-05-11 11:01 - 130070296 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert(1).exe
2016-05-11 10:54 - 2016-05-11 11:11 - 00120270 _____ C:\Users\André\Desktop\TDSSKILELR.txt
2016-05-11 10:52 - 2016-05-11 10:52 - 00000000 _____ C:\Users\André\Desktop\adsada.txt
2016-05-11 10:49 - 2016-05-11 11:10 - 00240630 _____ C:\TDSSKiller.3.1.0.9_11.05.2016_10.49.39_log.txt
2016-05-10 20:28 - 2016-05-11 17:15 - 00002420 _____ C:\Users\André\Desktop\Fixlog.txt
2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt
2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt
2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe
2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe
2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe
2016-05-10 16:50 - 2016-05-11 17:25 - 00081019 _____ C:\Users\André\Desktop\Addition.txt
2016-05-10 16:49 - 2016-05-11 17:57 - 00022143 _____ C:\Users\André\Desktop\FRST.txt
2016-05-10 16:38 - 2016-05-11 15:00 - 00080908 _____ C:\Users\André\Downloads\Addition.txt
2016-05-10 16:33 - 2016-05-11 15:00 - 00054665 _____ C:\Users\André\Downloads\FRST.txt
2016-05-10 16:32 - 2016-05-11 17:57 - 00000000 ____D C:\FRST
2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe
2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx#
2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx#
2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe
2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe
2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe
2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx
2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509
2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509
2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url
2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k
2016-05-08 12:08 - 2016-05-11 17:17 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl
2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL
2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url
2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url
2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch
2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk
2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch
2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch
2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4
2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx
2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx
2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502
2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430
2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt
2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx
2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg
2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg
2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge
2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge
2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan
2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url
2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url
2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url
2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe
2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt
2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 17:22 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001
2016-05-11 17:19 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db
2016-05-11 17:17 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db
2016-05-11 17:17 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-11 17:16 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-11 17:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-11 17:15 - 2015-01-31 22:04 - 00000000 ____D C:\Users\André
2016-05-11 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-11 16:00 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-11 14:55 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives
2016-05-11 14:51 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251}
2016-05-10 21:20 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net
2016-05-10 20:59 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp
2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps
2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype
2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg
2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner
2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe
2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client
2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ
2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify
2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify
2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper
2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics
2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups!
2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO
2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft
2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS
2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client
2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages
2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini
2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini
2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini
2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini
2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini
2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat
2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini
2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel
2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg
2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Einige Dateien in TEMP:
====================
C:\Users\André\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-10 21:06

==================== Ende von FRST.txt ============================
         

11.05.2016, 17:07   #14
M-K-D-B
/// TB Instructor

Hi,

you reinfected yourself with the malware again today... no idea what you are doing, but we will never get done this way.

It is best to stop everything else and only do the cleanup, otherwise this will be endless.





Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document


Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] ()
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] ()
C:\ProgramData\lvecl-74
C:\Users\André\AppData\Roaming\lvecl-7
Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11]
ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei)
C:\Users\André\AppData\Roaming\pfmea-5
C:\ProgramData\kelvin-2
C:\ProgramData\uum
Reboot:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.







Step 2
  • Start FRST.exe again. Tick the box in front of Addition.txt and press Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






Please post with your next reply
  • the log file of the FRST fix,
  • the two new log files from FRST.
__________________
Greetings from Bavaria
M-K-D-B


11.05.2016, 17:08   #15
Chronos5896



The TDSSKiller file is too large even as an attachment, so I zipped it!


Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von André (2016-05-11 17:57:40)
Gestartet von C:\Users\André\Desktop
Windows 8.1 (X64) (2015-01-31 20:32:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled)
André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André
Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version:  - Ubisoft Montreal)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version:  - Treyarch)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cosmic DJ (HKLM\...\Steam App 297110) (Version:  - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version:  - Dennaton Games)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version:  - Kojima Productions)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version:  - Just Add Water (Developments), Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version:  - DPad Studios)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\Steam App 250760) (Version:  - Yacht Club Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version:  - Ubisoft Montreal)
Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft)
Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation)
Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation)
Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation)
Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated)
Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender
Task: {C1A2FCF6-99E3-4AE2-9EA2-48A2DE8E20AC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC)
Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com
Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe
Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2014-12-10 19:08 - 2016-04-26 12:38 - 00120912 _____ () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-01-23 16:20 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: WeGameClientService => 2
HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk"
HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "BF2Hub Client"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe
FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe
FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe
FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe
FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe
FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe
FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe
FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe
FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe
FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe
FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe
FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900
FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869
FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe
FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe
FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe
FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe
FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe
FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe
FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe
FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe
FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe
FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{9CF03B3A-02D5-46EC-847C-B86C6D0FD8C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{832A744E-84A5-4E7D-96D3-870816E7DCF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe
FirewallRules: [{4960FF1E-13FB-4F4A-8842-D66DD000EB40}] => (Allow) LPort=53000
FirewallRules: [{C4B68FC8-AB08-477B-A699-8C1096FB3B7C}] => (Allow) LPort=52000

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/11/2016 02:59:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64(1).exe, Version 9.5.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c74

Startzeit: 01d1ab84b3f55f5e

Endzeit: 4294967295

Anwendungspfad: C:\Users\André\Downloads\FRST64(1).exe

Berichts-ID: 21af9b2c-1778-11e6-bf76-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000638b
ID des fehlerhaften Prozesses: 0x78c
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x17a4
Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0
Pfad der fehlerhaften Anwendung: avcenter.exe1
Pfad des fehlerhaften Moduls: avcenter.exe2
Berichtskennung: avcenter.exe3
Vollständiger Name des fehlerhaften Pakets: avcenter.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5

Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7
Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000649b
ID des fehlerhaften Prozesses: 0x790
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 134

Startzeit: 01d1aac5e6629c16

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin

Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c18

Startzeit: 01d1aac2ba88ef09

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x218c
Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0
Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1
Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2
Berichtskennung: HPConnectedRemoteService.exe3
Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5

Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: HPConnectedRemoteService.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Management.ManagementException
   bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   bei System.Management.SinkForEventQuery.Cancel()
   bei System.Management.ManagementEventWatcher.Stop()
   bei HP.Seeker.ProcessMonitor.StopProcessWatchers()
   bei HP.Seeker.ProcessKeeperService.StopProcesMonitors()
   bei HP.Seeker.HPSeekerSwitchboard.StartUserService()
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bei System.Threading.ThreadHelper.ThreadStart()

Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".


Systemfehler:
=============
Error: (05/11/2016 05:19:30 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:19:22 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:15:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT)
Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001.

Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2013-08-19 13:11:11.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8147.35 MB
Verfügbarer physikalischer RAM: 5076.24 MB
Summe virtueller Speicher: 12499.35 MB
Verfügbarer virtueller Speicher: 8689.27 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:91.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS
Drive g: () (Removable) (Total:1.86 GB) (Free:0.32 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288)

Partition: GPT.

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 000A4BAE)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
