Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7, Pop-up Probleme bei Chrome

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.09.2016, 19:41   #1
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Seit einiger Zeit passiert es, dass Weiterleitungen auf Websites nicht hervorgehoben werden und es öffnen sich Pop-ups im neuen Tab, egal wo ich klicke. Nach Schließung der neu geöffneten Tabs funktioniert alles wieder normal.
Aktuell nutze ich Firefox als Alternative, wobei dort bislang keine Probleme aufgetreten sind.

Logs von FRST64, TDSSKiller und AdwCleaner sind vorhanden, kann ich allerdings aufgrund ihrer Größe nicht alle gleichzeitig posten.
Auch habe ich es auch mit der Software Malwarebytes-Anti-Rootkit versucht.
Das Problem besteht weiterhin.


FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von Philip (Administrator) auf PHILIP-PC (18-09-2016 18:23:52)
Gestartet von C:\Users\Philip\Downloads
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [Chromium] => c:\users\philip\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {95d9ec57-4cfd-11e5-b1dc-806e6f6e6963} - D:\LaunchU3.exe -a
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {b8943bd8-7869-11e6-b641-d05099767378} - D:\LaunchU3.exe -a

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{87A8199B-4AD4-4FD9-A2C6-CA68A6A8E5BF}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B72FD6E1-AAB7-4E1B-AD18-2B2FFB6718F6}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{CBF9AD99-F54B-44A9-A1EC-3046EAC462C3}: [DhcpNameServer] 192.168.2.1 192.168.2.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4121084442-288992259-759938091-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-06-15] (Perfect World Entertainment Inc)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default
FF Homepage: Google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Extension: (Avira Browser Safety) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\abs@avira.com [2016-09-17]
FF Extension: (Firefox Hotfix) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17]
FF Extension: (BetterTTV) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox@betterttv.net.xpi [2016-09-17]
FF Extension: (Adblock Plus) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-19]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2016-09-18]
CHR Extension: (Google Präsentationen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11]
CHR Extension: (BetterTTV) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11]
CHR Extension: (Google Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-13]
CHR Extension: (Google Tabellen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11]
CHR Extension: (Mists of Pandaria) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgekjpcoanfekfacmkppcjkdlnpmnlac [2016-09-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-28] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2868736 2015-06-11] (Deutsche Telekom AG) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3520872 2015-09-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-03-27] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] ()
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 18:23 - 2016-09-18 18:24 - 00019821 _____ C:\Users\Philip\Downloads\FRST.txt
2016-09-18 18:04 - 2016-09-18 18:04 - 00007089 _____ C:\Users\Philip\Desktop\AdwCleaner[C0].txt
2016-09-18 17:55 - 2016-09-18 18:01 - 00000000 ____D C:\AdwCleaner
2016-09-18 17:54 - 2016-09-18 17:55 - 03861056 _____ C:\Users\Philip\Downloads\AdwCleaner_6.020.exe
2016-09-18 17:10 - 2016-09-18 18:23 - 00000000 ____D C:\FRST
2016-09-18 17:06 - 2016-09-18 17:07 - 02399232 _____ (Farbar) C:\Users\Philip\Downloads\FRST64.exe
2016-09-18 16:39 - 2016-09-18 16:39 - 00003288 ____N C:\bootsqm.dat
2016-09-18 16:09 - 2016-09-18 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-18 16:09 - 2016-09-18 16:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-18 16:09 - 2016-09-18 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-18 16:08 - 2016-09-18 16:42 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-18 16:07 - 2016-09-18 16:08 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Philip\Downloads\mbar-1.09.3.1001.exe
2016-09-18 16:07 - 2016-09-18 16:08 - 00000000 ____D C:\Users\Philip\Desktop\Malwarebytes
2016-09-18 14:06 - 2016-09-18 14:06 - 00000000 ____D C:\Users\Philip\AppData\Local\Macromedia
2016-09-18 13:53 - 2016-09-18 17:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-18 13:53 - 2016-09-18 13:53 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-18 13:53 - 2016-09-18 13:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-18 13:53 - 2016-09-18 13:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-18 13:53 - 2016-09-18 13:53 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-17 20:16 - 2016-09-17 20:24 - 00000000 ____D C:\Users\Philip\AppData\Local\Mozilla
2016-09-17 20:16 - 2016-09-17 20:16 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-17 20:16 - 2016-09-17 20:16 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-17 20:16 - 2016-09-17 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-17 20:15 - 2016-09-17 20:15 - 00242296 _____ C:\Users\Philip\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-17 05:10 - 2016-09-17 05:10 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-15 23:26 - 2016-09-15 23:26 - 00000674 _____ C:\Users\Philip\Desktop\Star Defender 4.lnk
2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Awem
2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2016-09-15 23:25 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\Desktop\Star Defender 4
2016-09-15 23:24 - 2016-09-15 23:25 - 13088376 _____ (GameTop Pte. Ltd. ) C:\Users\Philip\Downloads\Star-Defender4.exe
2016-09-15 11:02 - 2016-05-07 00:50 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-09-14 09:22 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 09:22 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-14 09:22 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-14 09:22 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-14 09:22 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-14 09:22 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 09:22 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-14 09:22 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 09:22 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-14 09:22 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-14 09:22 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-14 09:22 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 09:22 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-14 09:22 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-14 09:22 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-14 09:22 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 09:22 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-14 09:22 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-14 09:22 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-14 09:22 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-14 09:22 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-14 09:22 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-14 09:22 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-14 09:22 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-14 09:22 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-14 09:22 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-14 09:22 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 09:22 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-14 09:22 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-14 09:22 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 09:22 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 09:22 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 09:22 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 09:22 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 09:22 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-14 09:22 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-14 09:22 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 09:22 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-14 09:22 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-14 09:22 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-14 09:22 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-14 09:22 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-14 09:22 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-14 09:22 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-14 09:22 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 09:22 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-14 09:22 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 09:22 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-14 09:22 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-14 09:22 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-14 09:22 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-14 09:22 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-14 09:22 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-14 09:22 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-14 09:22 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-14 09:22 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-14 09:22 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-14 09:22 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 09:22 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-14 09:22 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-14 09:22 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 09:22 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 09:22 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 09:22 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 09:22 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 09:22 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 09:22 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 09:21 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 09:21 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 09:21 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-14 09:21 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 09:21 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-14 09:21 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-14 09:21 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-14 09:21 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-14 09:21 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-14 09:21 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-14 09:21 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-14 09:21 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 09:21 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 09:21 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 09:21 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-14 09:21 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-14 09:21 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-14 09:21 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-14 09:21 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-14 09:21 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 09:21 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 09:21 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 09:21 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 09:21 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 09:21 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-14 09:21 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-14 09:21 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-14 09:21 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-14 09:21 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-09-14 09:21 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-14 09:21 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-09-14 09:21 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-14 09:21 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-13 20:02 - 2016-09-13 20:02 - 30533688 _____ C:\Users\Philip\Downloads\vlc-2.2.4-win32 (1).exe
2016-09-11 23:56 - 2016-09-17 02:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-11 23:56 - 2016-09-17 02:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-11 23:56 - 2016-09-12 00:14 - 00000000 ____D C:\Users\Philip\AppData\Local\chromium
2016-09-11 23:55 - 2016-09-18 18:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 23:55 - 2016-09-18 18:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 23:55 - 2016-09-12 00:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-11 23:55 - 2016-09-12 00:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-11 23:54 - 2016-09-18 18:01 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-11 15:29 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Real
2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\RealNetworks
2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\ProgramData\RealNetworks
2016-09-11 15:27 - 2016-09-11 15:29 - 00000000 ____D C:\ProgramData\Real
2016-09-11 15:26 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Real
2016-09-03 12:42 - 2016-01-12 06:40 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-09-03 12:41 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-09-03 12:41 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-09-02 15:58 - 2016-09-12 18:25 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-09-02 15:39 - 2016-09-02 15:39 - 00000000 ____D C:\Program Files\VB
2016-09-01 13:14 - 2016-09-01 13:14 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-08-29 14:34 - 2016-08-29 21:21 - 00000000 ____D C:\Program Files (x86)\ClipboardManager
2016-08-29 14:34 - 2016-08-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipboardManager
2016-08-29 12:52 - 2016-08-29 12:52 - 00000000 ____D C:\ProgramData\UniqueId
2016-08-29 12:50 - 2016-09-03 09:55 - 00000000 ____D C:\ProgramData\WinZip
2016-08-27 09:24 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-27 09:23 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-27 08:57 - 2016-08-27 08:57 - 00000000 __SHD C:\found.000
2016-08-24 23:03 - 2016-09-01 21:16 - 00000000 ____D C:\Program Files\Unity
2016-08-23 12:28 - 2016-08-28 22:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TeamViewer
2016-08-23 11:40 - 2016-08-23 11:40 - 00000000 ____H C:\Users\Philip\Documents\Default.rdp
2016-08-22 21:29 - 2016-08-22 21:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2016-08-20 21:29 - 2016-08-30 16:04 - 00000000 ____D C:\Users\Philip\BrawlhallaReplays
2016-08-20 20:57 - 2016-08-20 20:57 - 00000000 ____D C:\Users\Philip\AppData\Roaming\BrawlhallaAir
2016-08-20 20:29 - 2016-08-20 20:29 - 00000222 _____ C:\Users\Philip\Desktop\Brawlhalla.url
2016-08-20 16:04 - 2016-08-20 16:05 - 00000171 _____ C:\Users\Philip\Desktop\Uranium Download Link - Lösch Link.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 18:23 - 2016-06-12 11:47 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-09-18 18:10 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-18 18:10 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-18 18:02 - 2015-08-28 06:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-18 18:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-18 18:01 - 2015-08-27 22:56 - 00000997 _____ C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-18 17:12 - 2015-09-07 23:46 - 00000000 ____D C:\Users\Philip\Desktop\Tor Browser
2016-09-18 16:29 - 2015-08-29 14:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-18 16:28 - 2015-12-25 09:26 - 00000000 ____D C:\Windows\Minidump
2016-09-18 13:58 - 2015-09-04 11:52 - 00000000 ____D C:\Users\Philip\AppData\Local\Adobe
2016-09-18 13:53 - 2016-04-16 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-17 20:16 - 2015-12-14 19:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Mozilla
2016-09-17 05:10 - 2016-06-09 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-16 18:39 - 2015-08-27 23:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-15 23:09 - 2015-08-28 21:42 - 00000000 ____D C:\Users\Philip\AppData\Local\osu!
2016-09-15 22:07 - 2015-08-28 23:01 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2016-09-14 23:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-09-14 22:49 - 2011-04-12 09:43 - 00661538 _____ C:\Windows\system32\perfh007.dat
2016-09-14 22:49 - 2011-04-12 09:43 - 00141550 _____ C:\Windows\system32\perfc007.dat
2016-09-14 22:49 - 2009-07-14 07:13 - 01528932 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-14 22:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-14 22:43 - 2009-07-14 06:45 - 00337704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-14 22:41 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-09-14 22:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-14 20:36 - 2015-08-28 16:34 - 00000000 ____D C:\Windows\system32\MRT
2016-09-14 20:31 - 2015-08-28 16:34 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 20:08 - 2015-09-17 20:39 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2016-09-12 18:25 - 2016-07-20 15:09 - 00000000 ____D C:\Users\Philip\AppData\Local\Nox
2016-09-12 18:25 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip
2016-09-11 23:56 - 2015-08-27 23:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-11 23:51 - 2016-06-09 15:33 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-11 23:49 - 2016-07-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-09-11 23:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-09-06 00:08 - 2016-07-20 15:12 - 00000000 ____D C:\Users\Philip\.android
2016-09-06 00:08 - 2016-07-20 15:11 - 00000000 ____D C:\Users\Philip\vmlogs
2016-09-04 21:04 - 2015-08-30 17:35 - 00000726 _____ C:\Users\Philip\Desktop\Neues Textdokument.txt
2016-09-03 12:42 - 2015-08-28 06:25 - 00000000 ____D C:\Users\Philip\AppData\Local\NVIDIA
2016-09-03 12:42 - 2015-08-28 06:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-01 13:37 - 2015-11-23 20:39 - 00000000 ____D C:\Users\Philip\Documents\PCSX2
2016-09-01 13:15 - 2016-02-05 21:36 - 00001267 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2016-09-01 13:15 - 2015-11-30 21:59 - 00001177 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2016-08-30 11:54 - 2015-08-28 06:25 - 00000000 ____D C:\ProgramData\Origin
2016-08-30 11:54 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip\AppData\Local\VirtualStore
2016-08-30 11:08 - 2015-08-28 06:24 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-29 12:47 - 2015-11-23 20:45 - 00000000 ____D C:\Users\Philip\AppData\Local\Nico Mak Computing
2016-08-27 09:23 - 2016-07-20 19:04 - 00000000 ____D C:\Users\Philip\Desktop\Nox
2016-08-27 09:23 - 2016-07-20 15:10 - 00000000 ____D C:\Program Files\DIFX
2016-08-25 21:20 - 2016-06-16 11:31 - 00001491 _____ C:\Users\Philip\Desktop\Keys.txt
2016-08-25 16:13 - 2016-03-12 13:24 - 00002166 _____ C:\Users\Philip\Desktop\Discord.lnk
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\discord
2016-08-25 16:13 - 2016-03-12 13:23 - 00000000 ____D C:\Users\Philip\AppData\Local\Discord
2016-08-20 18:34 - 2016-08-12 22:30 - 00000000 ____D C:\Users\Philip\Desktop\Pokemon Uranium
2016-08-19 18:14 - 2016-01-26 23:08 - 00000000 ____D C:\Users\Philip\Desktop\Sammelstelle
2016-08-19 13:02 - 2015-09-04 11:54 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-31 02:43 - 2016-07-05 20:41 - 0007631 _____ () C:\Users\Philip\AppData\Local\Resmon.ResmonCfg
2016-07-24 19:04 - 2016-07-24 19:04 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe
C:\Users\Philip\AppData\Local\Temp\libeay32.dll
C:\Users\Philip\AppData\Local\Temp\msvcr120.dll
C:\Users\Philip\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-15 00:06

==================== Ende von FRST.txt ============================
         
Addition
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Philip (18-09-2016 18:24:27)
Gestartet von C:\Users\Philip\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-08-27 20:55:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4121084442-288992259-759938091-500 - Administrator - Disabled)
Gast (S-1-5-21-4121084442-288992259-759938091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121084442-288992259-759938091-1002 - Limited - Enabled)
Philip (S-1-5-21-4121084442-288992259-759938091-1000 - Administrator - Enabled) => C:\Users\Philip

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Chatango Message Catcher (HKLM-x32\...\Chatango) (Version:  - )
Cossacks: Back to War (HKLM\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crystals of Time (HKLM\...\Steam App 306410) (Version:  - RVL Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version:  - Daedalic Entertainment)
Discord (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC)
Echo of Soul (HKLM\...\Steam App 290140) (Version:  - Nvius)
Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fairy Fencer F (HKLM\...\Steam App 347830) (Version:  - Idea Factory)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Life is Feudal: Your Own (HKLM\...\Steam App 290080) (Version:  - Bitbox Ltd.)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version:  - CyberConnect2 Co., Ltd.)
Netzmanager (Version: 1.201 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{15eb2f2d-51e3-4d74-861d-6ecb8d67a749}) (Version: latest - ppy Pty Ltd)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.19 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Riders of Icarus (HKLM\...\Steam App 442080) (Version:  - WeMade)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version:  - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Aspyr Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warface (HKLM\...\Steam App 291480) (Version:  - Crytek)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {17937C0B-6587-49B8-95E5-06B766B0A4AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {36CB3D2D-3938-4F3B-8935-151A98F0DB6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-18] (Adobe Systems Incorporated)
Task: {3D164FAE-063E-4F36-BCDC-F1288127F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)
Task: {71C82F22-CFFF-4034-BF7F-5DC785375BE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {90EA9818-4ACA-429F-BBF7-6BBF28724254} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Philip\Desktop\Sauerbraten.lnk -> C:\Program Files (x86)\Sauerbraten\sauerbraten.bat ()

ShortcutWithArgument: C:\Users\Philip\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Philip\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Dragon's Prophet.lnk -> C:\Program Files (x86)\Dragon's Prophet\launcher.exe () -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-28 06:23 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-03 12:42 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-27 21:19 - 2016-03-27 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-20 02:10 - 2016-07-20 02:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-24 19:54 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-08-28 06:23 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-29 10:09 - 2016-08-29 10:09 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-18 13:53 - 2016-09-18 13:53 - 19588800 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-14 22:43 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4121084442-288992259-759938091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chatango => C:\Program Files (x86)\Chatango\Chatango.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1FDFD353-DB95-424E-BD39-D1B3F3C51093}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB1882BA-AB47-469E-949C-AEA85B50E1EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38812632-1CDF-4714-8530-F439F89DDB46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{63AD4D90-F7DC-4FA9-B7C0-BEA545F5A186}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64830CE0-6278-4023-AEC0-F5EFBB732124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1017A8C-F000-42D2-8EDD-7CAA17A0E423}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AF8D9A9-EFD5-4DD4-9F0A-0EC07DFC3DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{46457780-E5CA-4021-81D8-9287C19C5A04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CBF8DA71-277A-49E4-B044-2B3511972661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DF69578B-EE38-4362-98ED-C6E57CCE0D4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2804E1B8-3FAC-4A2B-B4E3-05FEEE6EF4C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51898237-2680-4E2C-A0B0-6D4A3D70FE3B}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{FD622B8D-728F-4EA8-B985-8BEA5F6F4E49}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6FBFC44D-53A6-48C7-9273-A8944C5960E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{2EDB23A8-30E1-431D-B323-AED07DD0A273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1F384DCF-16EC-4C43-BF98-512BF4740D5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{46BA1C88-D8EC-45B6-BE35-83FE48EA5C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4D58504E-0BAC-423F-9B18-EFB06AD6657F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{46CD2CD8-5B0A-467B-BDA4-027588DB02DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0C40983F-0AB3-41A9-8468-EBF5974975CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{08EF928C-C2AB-44CF-9E01-BD0988077B03}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{4AEF111F-6B98-48DB-850D-53422EEB844E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E22EF4C-B998-4318-8762-574D04631EC2}] => (Block) %ProgramFiles%\TeamSpeak 3 Client\ts3client_win64.exe
FirewallRules: [{5222AA72-1D7A-4693-B7B1-674D18335852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{B56660D6-446F-4862-8A3B-332287DF6902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{092834C5-AD37-4F0B-8B3D-FBC6AA774FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{9BB8FAE7-2375-4518-9C6F-C558C67C3CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{13149D2F-96E1-4CD5-A5E0-927928D8A963}] => (Block) %USERPROFILE%\Desktop\Tor Browser\Browser\firefox.exe
FirewallRules: [{297DD556-E9E7-4290-8E42-C04DF04F4475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{64D432DC-CE90-445C-9F9A-50A98E57F6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{058B55BF-C53C-4AF2-9246-53E3D0FEE76C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{A86D820E-1BDC-4A18-9059-8FAAFBE83A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{B1034079-DB64-45D0-BFD3-BF2A41389460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9923AE53-9398-40EB-8A3A-75E51699DAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DA6066D9-65B4-42B7-BAE8-63F79ACD1F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{29F175BC-0902-4EC2-A1FD-411F189F42EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{F7BC919B-983C-4E8E-9C6A-949EC462DE45}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{1EFC927B-F015-4BC9-93B0-BFC28B1D7D63}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{0271708C-CD43-4261-A31B-B8C62DB47864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C1C6486E-85DD-472A-99D6-DDC0DF7C15B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{3C917DBB-0F72-464C-B9F8-E6DA706F84FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{DDB64B8D-F563-4579-A742-95ED72FA8935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{37448111-DE2F-4381-ADA9-A3C3E0FE94CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{6650B79B-5444-4516-9181-D67BEC1F8133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{39BB52BF-5799-4359-9966-001972D2A099}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{FACD69A7-E1AB-456E-B123-1CB0394A1023}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{CDFD58E3-EA29-4455-93A2-5E33F23CC069}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{FD73FD7A-7ADF-4229-AA9D-648046E83090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{BBB45A82-8728-42EF-853F-0D7A628A8EAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{08DD4417-CBC0-4147-AE09-867CEB793A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{B74D0C64-41C0-4484-8582-49D074DD0AEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{16748C60-8A6B-45B5-86F6-38F16737F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9DD8C337-D365-4CF0-AFFB-C4A2D7B09E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C043B48-6B70-4585-BC04-88402EEBDC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FD66B1C9-ACF9-43A6-A1CB-D402D4E121B1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{155C090C-9933-4F3C-8151-A711569DA30A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{0F27AAE6-8B32-4C12-8CF2-50B0AB0F81D4}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{38432C91-9C82-4C56-888C-B425FBC8F2C3}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{C1D7AB77-B398-4A75-B4FE-4DABDB899AF1}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{B2338360-B006-4876-9CB7-0CB0DBEEF69E}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{C30A60F7-8B0A-4733-A506-7C546EAF2724}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{664D32F4-272A-4F04-A7DC-4B93127850DB}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [{3CB58306-E6E1-42B9-A54A-DE9C14C6AC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B5DF0070-13D1-4C98-BAB8-72430B1821A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{E253C01D-20E4-4D4A-BC5C-212021361F87}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{49EB3DC4-487B-4DDE-B452-448324977598}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{0E26DC39-AA1A-4500-87A2-ED5B4D22E708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D53BEEEA-43F3-48E1-A4AF-D1F0CD71EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{959C5A7F-4650-4053-A8B0-87D638BA8F54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D63A9C68-F8B5-47A2-9B95-4879F8415371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{53C5812B-C3B7-4CB1-84C7-4F3FDA8FA81C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C6175968-2326-45AD-A00F-607E73116DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [TCP Query User{D480B061-EEEF-42AF-971B-215F96C61BD0}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{43E0CD6F-D012-48B9-A872-878C21E7A1A5}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E53283B4-9283-4232-B698-060DEE66535B}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7BE66241-3457-43F4-A115-882A0C49251C}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B10BE1A0-7233-4C30-91C2-E0509FDC1176}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{DC052E56-F66F-41E5-96B3-4FAB3CE27F0D}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{B849702B-6943-4A9C-BBB5-89AE278B77E2}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{69831827-B222-4171-BC3B-02D35102C8EC}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{1A960530-0255-4529-B6A2-38E0917F52CA}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EC653305-BA56-400C-B826-7FCEB205BE33}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D153DA44-AED3-4FAA-9315-6D2EF6A729F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{548D119A-4A78-46B7-B551-FEDA664C1088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{60463A6F-5D8D-40AE-AB6F-7CEDF778E310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{5617CE86-9C74-406F-9499-A774F4A163B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{24BBD3EB-E6C2-4DDC-9068-8D25BF7A1D32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{771B3473-B565-4DC3-885F-D6CD9188206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{50DA3916-B928-432C-B67A-B84349C6C46D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{330C87CD-47EA-42DB-8394-FEE2D096EA1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{6E22B5BC-3D25-4D42-84C5-891917FA340B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{8F16713B-7AAC-4830-BD6B-A4788CE7A1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{275D274B-16F8-4150-B82E-7AFE3044FAD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{A2D58140-8FEB-4BBD-8BDB-7588E797DEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{45BB9186-2699-45CD-893B-BB8B497B99BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3ECB58C9-691E-4ED5-8949-A659391D4404}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3BD4008-8F17-4064-85CF-9B433A0BFD8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8456E756-099A-4791-B073-7FA5C0E59B51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{1083B8C8-BA93-4ED9-999F-907AB98F6BD0}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{7B9FE7AE-AF7F-485E-B477-4BE13DCCBFA6}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{14E6410F-0C62-45D2-974E-CAF229AD3A34}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{992FB12E-5132-4BA9-9672-2ED7B6BA9428}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{7F696382-6BD1-4439-9B72-70D42C6FA7DB}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{1EA5DAC5-2AE0-4AFB-AC1D-4352614E92E3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{490E1FF4-50D6-48EB-A25C-6131B40C2FCD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1D4AFD8B-1441-4F08-B70D-38F34DEA94B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{2D26D25F-83CF-4ABF-86E9-3BB04347ECE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{384CA9E3-4DBE-4AD0-8639-143B377827E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{D0488983-66B6-4052-8FD5-885078CE26DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{73F7A57C-62BE-4569-BDEF-D4B5E46E60C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{92E7FB37-47B0-4C9C-8583-CC434B80C6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{7DA7C2AA-14FE-4E89-930B-F906B8E2C1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{EC3B2F4E-2379-4A33-B9AC-68CB7D30A0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{D0364108-4134-4818-AD56-EB33BFECBF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{ABF69EF0-EA0F-48F9-95E3-CA5FD2BCF4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{12EBA18D-8AF1-495F-83B0-E1072534BC3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{CF5BFCA0-4ED9-42D4-AE16-5D4A6BE2A046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{07064308-7E0B-41DD-AB98-C950E310A56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{DECFF5AE-B59B-48DE-8613-5BC637392645}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{37C5E968-1654-4C8E-935F-2002AA2245F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{83DC5781-9982-4BEA-B624-0DF580E58F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{031FCDBF-22BE-4297-B1C3-AADA265DD723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{C466B301-2373-43C3-9F4C-AD41D5AA2C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{5A647387-1AB8-4065-83FD-86DE2D39C366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{89F930C7-3F59-447A-A61C-F1D2550372E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F9DADF7D-D962-4B4D-8FA2-F3FAE02FCD7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{35B3915F-333E-4210-8A38-C4751C09081A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{8566A02C-FDA3-4DF9-BFE6-1E40FE8F1316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{4E26DFBA-5D32-44C7-9503-908DFB9B2452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{C18243DE-0AD3-44F0-BCBD-B80D4B9EDFDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{983BBAE4-F68D-4BA5-9F8B-8CE8C1812CF5}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{BB650065-1A41-4BC7-9A34-AEF38B6606BF}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{91073044-DCE5-4622-94C9-879C23F017C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{3F50690D-B5D0-47A1-87F0-DE5F9D958D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{FC7A729A-4D3F-4172-9FBC-169726F4B1F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{745B987A-736A-4076-B434-F10404F0E4C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B6C5C0F6-EEBF-41B3-97FE-2EE05006020F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A860739D-2D99-4BA3-BA4B-E5DBD8544850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{08EAD17A-C8F1-4798-A830-8E96DED99B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{A2034420-0281-43F9-A373-E20EA192FE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{3F2B3038-57C9-4C89-B394-CBAC2D7709BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B1A3DE32-7C31-48DA-85F3-E1153DE3E4FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{A412A5A9-FE31-4045-8598-450A4325A235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{F0193371-06B8-439D-B2AA-58D14957F260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{3112B373-708E-4763-9F4C-4D7422967D24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{8E4B95C5-455D-4A89-8EA6-FD285B99AAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{5C94A499-E44D-4961-BB6D-F53EE7A611AA}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{E64FAC19-35FF-4FB6-8F40-EBB3CECFA021}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C1672358-8461-4805-98F2-9B47F3D3EEDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe
FirewallRules: [{5B5B245A-374E-4BC9-842D-3829224875E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe
FirewallRules: [TCP Query User{0CD3041E-3DDF-4082-A029-032908831161}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe
FirewallRules: [UDP Query User{75178641-3017-4414-89F6-0E84755E082D}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe
FirewallRules: [TCP Query User{98EDC6B9-9EB7-4501-91A7-C6EDEAB94CDA}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [UDP Query User{A1E979F8-9097-4AF7-9459-2745D215331C}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [{D15278CA-DD5B-44F8-8F7C-417279107A0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{F5B10DF9-9E2B-4BD5-81E3-F5E363FA0F35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{6DC1F1E3-40D0-40BA-B83E-19A0C04582FB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{90FFB6C1-7126-4290-ACCD-C6E8343AE034}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [TCP Query User{C62204E2-9099-4D79-B9F9-E3DF89B59840}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe
FirewallRules: [UDP Query User{0E9975A0-C91F-499D-9649-8F1F5FB767CB}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe
FirewallRules: [{426A4A15-26C8-4B35-B493-166ED8E4BA53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{67D0D46A-7DCF-42CD-A98F-CFBEAA151E2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{866B115F-E66B-4337-9E59-795F7F879025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A82EC7E6-7F53-4ECE-AE00-67E4F3E93679}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{06B197DA-27F1-4DBE-AA3E-2A5467988AD8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{DFFD2C83-1261-4E38-93BB-7BD961EB25FE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{2755F3AD-8713-47E9-8BED-16F68E1D9E8D}] => (Allow) C:\Users\Philip\Desktop\Nox\Nox\bin\Nox.exe
FirewallRules: [{A499D3CE-6802-4E52-96EB-7614D9258704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{072F56F3-75D6-4E61-B80D-9FF2F02803AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{A5B1ABAD-C66B-427D-9C90-1071ACE66497}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{83A374FA-0895-43B2-9BA6-4703B54C9FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [TCP Query User{13487E11-94CA-474E-9DBE-325B2E0B7ED4}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DC589DCA-5085-4450-9E40-5EE7AE571125}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3B22D71D-6120-487A-BE78-2AED19395886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C75FC7E7-B01F-49F2-8EAB-A422AA918652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D4CC247C-F13A-4A99-BECA-6957B4CC9DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6480F938-5D6F-4D3B-9D20-FE23D914DF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2D4E94A4-6A57-4294-8812-F43626BCC733}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BE0F92E8-52D2-425F-B4DF-8FDE7E9C4250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B2B7E2E3-4656-4616-A75A-E259214BF05D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

18-09-2016 16:26:29 Malwarebytes Anti-Rootkit Restore Point

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2016 06:03:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2016 06:03:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/18/2016 04:41:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2016 04:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/18/2016 04:29:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/14/2016 10:44:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/14/2016 10:44:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/12/2016 12:11:55 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (09/12/2016 12:11:33 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (09/12/2016 12:10:54 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!


Systemfehler:
=============
Error: (09/18/2016 06:03:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/18/2016 06:01:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RzSurroundVADStreamingService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RemoteMouseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/18/2016 06:00:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8143.27 MB
Verfügbarer physikalischer RAM: 4652.28 MB
Summe virtueller Speicher: 16284.71 MB
Verfügbarer virtueller Speicher: 12015.1 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.79 GB) (Free:1032.94 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 19.09.2016, 10:51   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Zitat:
Logs von FRST64, TDSSKiller und AdwCleaner sind vorhanden, kann ich allerdings aufgrund ihrer Größe nicht alle gleichzeitig posten.
Auch habe ich es auch mit der Software Malwarebytes-Anti-Rootkit versucht.
Bitte alle Logs nachreichen


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 19.09.2016, 16:40   #3
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



AdwCleaner[C0]

Code:
ATTFilter
# AdwCleaner v6.020 - Bericht erstellt am 18/09/2016 um 18:01:23
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-17.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Philip - PHILIP-PC
# Gestartet von : C:\Users\Philip\Downloads\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Philip\AppData\Local\DriverToolkit
[-] Ordner gelöscht: C:\Users\Philip\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\Philip\AppData\LocalLow\Browser-Security
[-] Ordner gelöscht: C:\Users\Philip\AppData\Roaming\Browser-Security
[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****

[-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk


***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E6E66045-E911-4C01-961D-42487CE12089}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-42487CE12089}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E6E66045-E911-4C01-961D-42487CE12089}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E6E66045-E911-4C01-961D-42487CE12089}
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\SecuredDownload
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DriverToolkit
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuredDownload
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\csastats
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SecuredDownload
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DriverToolkit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SecuredDownload
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
[-] Wert gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
[-] Wert gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768]


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [7332 Bytes] - [18/09/2016 18:01:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [8519 Bytes] - [18/09/2016 17:56:43]
C:\AdwCleaner\AdwCleaner[S1].txt - [8592 Bytes] - [18/09/2016 17:59:43]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7551 Bytes] ##########
         
TDSSKiller

Code:
ATTFilter
18:39:31.0117 0x11cc  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
18:39:31.0117 0x11cc  UEFI system
18:39:36.0366 0x11cc  ============================================================
18:39:36.0366 0x11cc  Current date / time: 2016/09/18 18:39:36.0366
18:39:36.0366 0x11cc  SystemInfo:
18:39:36.0366 0x11cc  
18:39:36.0366 0x11cc  OS Version: 6.1.7601 ServicePack: 1.0
18:39:36.0366 0x11cc  Product type: Workstation
18:39:36.0366 0x11cc  ComputerName: PHILIP-PC
18:39:36.0366 0x11cc  UserName: Philip
18:39:36.0366 0x11cc  Windows directory: C:\Windows
18:39:36.0366 0x11cc  System windows directory: C:\Windows
18:39:36.0366 0x11cc  Running under WOW64
18:39:36.0366 0x11cc  Processor architecture: Intel x64
18:39:36.0366 0x11cc  Number of processors: 4
18:39:36.0366 0x11cc  Page size: 0x1000
18:39:36.0366 0x11cc  Boot type: Normal boot
18:39:36.0366 0x11cc  CodeIntegrityOptions = 0x00000001
18:39:36.0366 0x11cc  ============================================================
18:39:38.0081 0x11cc  KLMD registered as C:\Windows\system32\drivers\19412894.sys
18:39:38.0081 0x11cc  KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23539, osProperties = 0x1
18:39:38.0429 0x11cc  System UUID: {A80C7592-4EF2-A18A-3F52-0592F103574E}
18:39:39.0056 0x11cc  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:39:39.0066 0x11cc  ============================================================
18:39:39.0066 0x11cc  \Device\Harddisk0\DR0:
18:39:39.0066 0x11cc  GPT partitions:
18:39:39.0067 0x11cc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4B4086E6-7604-4920-9D79-2B3370FE82AC}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
18:39:39.0067 0x11cc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CEAC66ED-7797-4F49-A693-703B49C1147E}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
18:39:39.0067 0x11cc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {58D6C16B-09AF-462C-959D-BE17E7F8EC7E}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xE8D96000
18:39:39.0067 0x11cc  MBR partitions:
18:39:39.0067 0x11cc  ============================================================
18:39:39.0084 0x11cc  C: <-> \Device\Harddisk0\DR0\Partition3
18:39:39.0084 0x11cc  ============================================================
18:39:39.0084 0x11cc  Initialize success
18:39:39.0084 0x11cc  ============================================================
18:40:03.0724 0x0a38  ============================================================
18:40:03.0724 0x0a38  Scan started
18:40:03.0724 0x0a38  Mode: Manual; SigCheck; TDLFS; 
18:40:03.0724 0x0a38  ============================================================
18:40:03.0724 0x0a38  KSN ping started
18:40:03.0825 0x0a38  KSN ping finished: true
18:40:04.0971 0x0a38  ================ Scan system memory ========================
18:40:04.0971 0x0a38  System memory - ok
18:40:04.0971 0x0a38  ================ Scan services =============================
18:40:05.0068 0x0a38  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:40:05.0106 0x0a38  1394ohci - ok
18:40:05.0142 0x0a38  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:40:05.0155 0x0a38  ACPI - ok
18:40:05.0168 0x0a38  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:40:05.0186 0x0a38  AcpiPmi - ok
18:40:05.0305 0x0a38  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:40:05.0315 0x0a38  AdobeARMservice - ok
18:40:05.0412 0x0a38  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:40:05.0422 0x0a38  AdobeFlashPlayerUpdateSvc - ok
18:40:05.0448 0x0a38  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:40:05.0461 0x0a38  adp94xx - ok
18:40:05.0474 0x0a38  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:40:05.0486 0x0a38  adpahci - ok
18:40:05.0496 0x0a38  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:40:05.0505 0x0a38  adpu320 - ok
18:40:05.0546 0x0a38  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:40:05.0558 0x0a38  AeLookupSvc - ok
18:40:05.0614 0x0a38  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
18:40:05.0629 0x0a38  AFD - ok
18:40:05.0637 0x0a38  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:40:05.0645 0x0a38  agp440 - ok
18:40:05.0784 0x0a38  [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
18:40:05.0830 0x0a38  AGSService - ok
18:40:05.0845 0x0a38  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:40:05.0856 0x0a38  ALG - ok
18:40:05.0885 0x0a38  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:40:05.0891 0x0a38  aliide - ok
18:40:05.0901 0x0a38  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:40:05.0906 0x0a38  amdide - ok
18:40:05.0916 0x0a38  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:40:05.0923 0x0a38  AmdK8 - ok
18:40:05.0938 0x0a38  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:40:05.0945 0x0a38  AmdPPM - ok
18:40:05.0985 0x0a38  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:40:05.0992 0x0a38  amdsata - ok
18:40:06.0006 0x0a38  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:40:06.0018 0x0a38  amdsbs - ok
18:40:06.0028 0x0a38  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:40:06.0034 0x0a38  amdxata - ok
18:40:06.0138 0x0a38  [ 70EE2EA42E9F20B794C4804454F1A37A, 49B615BF138E2C5AFF04EFDF7928D49117DF41DCD48922683E4D3D3FD0DF9A04 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
18:40:06.0175 0x0a38  AntiVirMailService - ok
18:40:06.0227 0x0a38  [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
18:40:06.0241 0x0a38  AntiVirSchedulerService - ok
18:40:06.0280 0x0a38  [ 9E6642340CC7C685E07981F0B43B661A, A6CC970817B616CB4BBF37089DC687567EABC2DC326CBACBF1E370AC98E5D65A ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
18:40:06.0291 0x0a38  AntiVirService - ok
18:40:06.0325 0x0a38  [ 96812A05A4C39CC55CF0CD286C3D6B8F, 18F38ACB3E87EFFD9B3A1126B0C4FF6CE3A6F327E01A6FC8AB2DCFFE9BF58953 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
18:40:06.0361 0x0a38  AntiVirWebService - ok
18:40:06.0499 0x0a38  [ 52F8C264D3BF90D2726FDE6642A381D4, 3780CCB0E4B89CAD818C887D65677EAB30F5ACC91FC1E6D0818F792A8D731137 ] AppID           C:\Windows\system32\drivers\appid.sys
18:40:06.0506 0x0a38  AppID - ok
18:40:06.0572 0x0a38  [ 2C49C5C911D1BE2A815BC183C0B2FED1, DDF299E05626E40417C135571F7ED78FB8BC4DD78907980316A6A277D0096074 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:40:06.0580 0x0a38  AppIDSvc - ok
18:40:06.0616 0x0a38  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
18:40:06.0625 0x0a38  Appinfo - ok
18:40:06.0657 0x0a38  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:40:06.0674 0x0a38  AppMgmt - ok
18:40:06.0695 0x0a38  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:40:06.0703 0x0a38  arc - ok
18:40:06.0714 0x0a38  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:40:06.0723 0x0a38  arcsas - ok
18:40:06.0830 0x0a38  [ FB9D84743CAF1B4E98E46FD1FDBBA576, 050992F62D5BAA88FB9A655DAEF37AE7A4150993EAF62D2770F09D60F613A187 ] ArcService      C:\Program Files (x86)\Arc\ArcService.exe
18:40:06.0836 0x0a38  ArcService - ok
18:40:06.0931 0x0a38  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:40:06.0942 0x0a38  aspnet_state - ok
18:40:06.0955 0x0a38  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:40:06.0975 0x0a38  AsyncMac - ok
18:40:07.0012 0x0a38  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:40:07.0020 0x0a38  atapi - ok
18:40:07.0089 0x0a38  [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur           C:\Windows\system32\DRIVERS\athurx.sys
18:40:07.0125 0x0a38  athur - ok
18:40:07.0168 0x0a38  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:40:07.0188 0x0a38  AudioEndpointBuilder - ok
18:40:07.0200 0x0a38  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:40:07.0215 0x0a38  AudioSrv - ok
18:40:07.0264 0x0a38  [ E0304A40460FFFB14F3B067660518B9E, 68885E98ABBE72DC5EA9EEA30D1499B8E97E0963A0F19830C1F2D22689288AD4 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:40:07.0274 0x0a38  avgntflt - ok
18:40:07.0309 0x0a38  [ DBEFDCF8A5258A483B672EB9825E5F7F, B36CFC6FD723F43622EDB97157A0CA00494EF0C47D345DF7356B5C17B3D83513 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:40:07.0317 0x0a38  avipbb - ok
18:40:07.0389 0x0a38  [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:40:07.0402 0x0a38  Avira.ServiceHost - ok
18:40:07.0433 0x0a38  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:40:07.0439 0x0a38  avkmgr - ok
18:40:07.0470 0x0a38  [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
18:40:07.0482 0x0a38  avnetflt - ok
18:40:07.0515 0x0a38  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:40:07.0530 0x0a38  AxInstSV - ok
18:40:07.0565 0x0a38  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:40:07.0579 0x0a38  b06bdrv - ok
18:40:07.0591 0x0a38  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:40:07.0604 0x0a38  b57nd60a - ok
18:40:07.0608 0x0a38  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:40:07.0617 0x0a38  BDESVC - ok
18:40:07.0626 0x0a38  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:40:07.0650 0x0a38  Beep - ok
18:40:07.0729 0x0a38  [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:40:07.0756 0x0a38  BEService - ok
18:40:07.0813 0x0a38  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:40:07.0831 0x0a38  BFE - ok
18:40:07.0878 0x0a38  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:40:07.0925 0x0a38  BITS - ok
18:40:07.0947 0x0a38  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:40:07.0954 0x0a38  blbdrive - ok
18:40:07.0988 0x0a38  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:40:07.0995 0x0a38  bowser - ok
18:40:08.0011 0x0a38  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:40:08.0022 0x0a38  BrFiltLo - ok
18:40:08.0032 0x0a38  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:40:08.0040 0x0a38  BrFiltUp - ok
18:40:08.0049 0x0a38  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:40:08.0059 0x0a38  Browser - ok
18:40:08.0077 0x0a38  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:40:08.0089 0x0a38  Brserid - ok
18:40:08.0098 0x0a38  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:40:08.0107 0x0a38  BrSerWdm - ok
18:40:08.0114 0x0a38  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:40:08.0124 0x0a38  BrUsbMdm - ok
18:40:08.0128 0x0a38  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:40:08.0136 0x0a38  BrUsbSer - ok
18:40:08.0146 0x0a38  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:40:08.0156 0x0a38  BTHMODEM - ok
18:40:08.0174 0x0a38  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:40:08.0204 0x0a38  bthserv - ok
18:40:08.0225 0x0a38  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:40:08.0251 0x0a38  cdfs - ok
18:40:08.0278 0x0a38  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:40:08.0287 0x0a38  cdrom - ok
18:40:08.0293 0x0a38  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:40:08.0315 0x0a38  CertPropSvc - ok
18:40:08.0329 0x0a38  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:40:08.0339 0x0a38  circlass - ok
18:40:08.0380 0x0a38  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:40:08.0391 0x0a38  CLFS - ok
18:40:08.0453 0x0a38  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:40:08.0460 0x0a38  clr_optimization_v2.0.50727_32 - ok
18:40:08.0477 0x0a38  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:40:08.0484 0x0a38  clr_optimization_v2.0.50727_64 - ok
18:40:08.0578 0x0a38  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:40:08.0586 0x0a38  clr_optimization_v4.0.30319_32 - ok
18:40:08.0614 0x0a38  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:40:08.0622 0x0a38  clr_optimization_v4.0.30319_64 - ok
18:40:08.0628 0x0a38  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:40:08.0635 0x0a38  CmBatt - ok
18:40:08.0641 0x0a38  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:40:08.0646 0x0a38  cmdide - ok
18:40:08.0691 0x0a38  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:40:08.0706 0x0a38  CNG - ok
18:40:08.0719 0x0a38  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:40:08.0725 0x0a38  Compbatt - ok
18:40:08.0734 0x0a38  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:40:08.0743 0x0a38  CompositeBus - ok
18:40:08.0754 0x0a38  COMSysApp - ok
18:40:08.0764 0x0a38  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:40:08.0771 0x0a38  crcdisk - ok
18:40:08.0809 0x0a38  [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:40:08.0820 0x0a38  CryptSvc - ok
18:40:08.0842 0x0a38  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
18:40:08.0858 0x0a38  CSC - ok
18:40:08.0906 0x0a38  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
18:40:08.0923 0x0a38  CscService - ok
18:40:08.0969 0x0a38  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:40:08.0987 0x0a38  DcomLaunch - ok
18:40:09.0009 0x0a38  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:40:09.0038 0x0a38  defragsvc - ok
18:40:09.0044 0x0a38  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:40:09.0067 0x0a38  DfsC - ok
18:40:09.0083 0x0a38  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:40:09.0104 0x0a38  Dhcp - ok
18:40:09.0151 0x0a38  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:40:09.0180 0x0a38  DiagTrack - ok
18:40:09.0188 0x0a38  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:40:09.0210 0x0a38  discache - ok
18:40:09.0246 0x0a38  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
18:40:09.0254 0x0a38  Disk - ok
18:40:09.0287 0x0a38  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
18:40:09.0294 0x0a38  dmvsc - ok
18:40:09.0315 0x0a38  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:40:09.0324 0x0a38  Dnscache - ok
18:40:09.0347 0x0a38  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:40:09.0374 0x0a38  dot3svc - ok
18:40:09.0395 0x0a38  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:40:09.0419 0x0a38  DPS - ok
18:40:09.0457 0x0a38  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:40:09.0463 0x0a38  drmkaud - ok
18:40:09.0520 0x0a38  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:40:09.0541 0x0a38  DXGKrnl - ok
18:40:09.0553 0x0a38  EagleX64 - ok
18:40:09.0586 0x0a38  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:40:09.0609 0x0a38  EapHost - ok
18:40:09.0623 0x0a38  EasyAntiCheat - ok
18:40:09.0697 0x0a38  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:40:09.0756 0x0a38  ebdrv - ok
18:40:09.0790 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] EFS             C:\Windows\System32\lsass.exe
18:40:09.0803 0x0a38  EFS - ok
18:40:09.0824 0x0a38  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:40:09.0839 0x0a38  elxstor - ok
18:40:09.0865 0x0a38  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:40:09.0873 0x0a38  ErrDev - ok
18:40:09.0901 0x0a38  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:40:09.0926 0x0a38  EventSystem - ok
18:40:09.0939 0x0a38  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:40:09.0962 0x0a38  exfat - ok
18:40:09.0975 0x0a38  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:40:10.0001 0x0a38  fastfat - ok
18:40:10.0019 0x0a38  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:40:10.0042 0x0a38  fdc - ok
18:40:10.0058 0x0a38  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:40:10.0088 0x0a38  fdPHost - ok
18:40:10.0096 0x0a38  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:40:10.0122 0x0a38  FDResPub - ok
18:40:10.0148 0x0a38  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:40:10.0155 0x0a38  FileInfo - ok
18:40:10.0163 0x0a38  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:40:10.0185 0x0a38  Filetrace - ok
18:40:10.0215 0x0a38  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:40:10.0223 0x0a38  flpydisk - ok
18:40:10.0237 0x0a38  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:40:10.0248 0x0a38  FltMgr - ok
18:40:10.0308 0x0a38  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:40:10.0332 0x0a38  FontCache - ok
18:40:10.0338 0x0a38  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:40:10.0344 0x0a38  FsDepends - ok
18:40:10.0397 0x0a38  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:40:10.0405 0x0a38  Fs_Rec - ok
18:40:10.0453 0x0a38  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:40:10.0463 0x0a38  fvevol - ok
18:40:10.0470 0x0a38  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:40:10.0477 0x0a38  gagp30kx - ok
18:40:10.0615 0x0a38  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:40:10.0639 0x0a38  GfExperienceService - ok
18:40:10.0701 0x0a38  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
18:40:10.0721 0x0a38  gpsvc - ok
18:40:10.0785 0x0a38  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:40:10.0793 0x0a38  gupdate - ok
18:40:10.0798 0x0a38  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:40:10.0806 0x0a38  gupdatem - ok
18:40:10.0813 0x0a38  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:40:10.0822 0x0a38  hcw85cir - ok
18:40:10.0847 0x0a38  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:40:10.0863 0x0a38  HdAudAddService - ok
18:40:10.0877 0x0a38  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:40:10.0887 0x0a38  HDAudBus - ok
18:40:10.0900 0x0a38  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:40:10.0907 0x0a38  HidBatt - ok
18:40:10.0919 0x0a38  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:40:10.0929 0x0a38  HidBth - ok
18:40:10.0947 0x0a38  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:40:10.0956 0x0a38  HidIr - ok
18:40:10.0990 0x0a38  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:40:11.0009 0x0a38  hidserv - ok
18:40:11.0080 0x0a38  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:40:11.0086 0x0a38  HidUsb - ok
18:40:11.0127 0x0a38  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:40:11.0150 0x0a38  hkmsvc - ok
18:40:11.0166 0x0a38  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:40:11.0175 0x0a38  HomeGroupListener - ok
18:40:11.0186 0x0a38  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:40:11.0196 0x0a38  HomeGroupProvider - ok
18:40:11.0206 0x0a38  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:40:11.0212 0x0a38  HpSAMD - ok
18:40:11.0259 0x0a38  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:40:11.0279 0x0a38  HTTP - ok
18:40:11.0304 0x0a38  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:40:11.0313 0x0a38  hwpolicy - ok
18:40:11.0326 0x0a38  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:40:11.0335 0x0a38  i8042prt - ok
18:40:11.0379 0x0a38  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:40:11.0391 0x0a38  iaStorV - ok
18:40:11.0398 0x0a38  IEEtwCollectorService - ok
18:40:11.0407 0x0a38  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:40:11.0413 0x0a38  iirsp - ok
18:40:11.0459 0x0a38  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:40:11.0481 0x0a38  IKEEXT - ok
18:40:11.0511 0x0a38  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:40:11.0519 0x0a38  intelide - ok
18:40:11.0534 0x0a38  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:40:11.0542 0x0a38  intelppm - ok
18:40:11.0572 0x0a38  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:40:11.0593 0x0a38  IPBusEnum - ok
18:40:11.0605 0x0a38  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:40:11.0630 0x0a38  IpFilterDriver - ok
18:40:11.0678 0x0a38  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:40:11.0694 0x0a38  iphlpsvc - ok
18:40:11.0710 0x0a38  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:40:11.0718 0x0a38  IPMIDRV - ok
18:40:11.0732 0x0a38  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:40:11.0752 0x0a38  IPNAT - ok
18:40:11.0767 0x0a38  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:40:11.0782 0x0a38  IRENUM - ok
18:40:11.0795 0x0a38  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:40:11.0801 0x0a38  isapnp - ok
18:40:11.0843 0x0a38  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:40:11.0852 0x0a38  iScsiPrt - ok
18:40:11.0860 0x0a38  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:40:11.0866 0x0a38  kbdclass - ok
18:40:11.0876 0x0a38  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:40:11.0883 0x0a38  kbdhid - ok
18:40:11.0890 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] KeyIso          C:\Windows\system32\lsass.exe
18:40:11.0899 0x0a38  KeyIso - ok
18:40:11.0932 0x0a38  [ EB7BB4F58971F4FE099B3CE127346563, 6CE7BF43B5775ABF954508B4B02E441C169990FDFDF35FFE3137C85C1231695B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:40:11.0941 0x0a38  KSecDD - ok
18:40:11.0976 0x0a38  [ 6EBBA531A455E8F1092FD530A8682A97, 658F9ACADD422A2F1D48120FB4FCBB2E8F0CF245C07D439A2611878E82C61A01 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:40:11.0984 0x0a38  KSecPkg - ok
18:40:11.0997 0x0a38  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:40:12.0019 0x0a38  ksthunk - ok
18:40:12.0048 0x0a38  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:40:12.0076 0x0a38  KtmRm - ok
18:40:12.0113 0x0a38  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:40:12.0137 0x0a38  LanmanServer - ok
18:40:12.0149 0x0a38  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:40:12.0173 0x0a38  LanmanWorkstation - ok
18:40:12.0190 0x0a38  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:40:12.0210 0x0a38  lltdio - ok
18:40:12.0231 0x0a38  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:40:12.0257 0x0a38  lltdsvc - ok
18:40:12.0271 0x0a38  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:40:12.0293 0x0a38  lmhosts - ok
18:40:12.0317 0x0a38  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:40:12.0324 0x0a38  LSI_FC - ok
18:40:12.0338 0x0a38  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:40:12.0345 0x0a38  LSI_SAS - ok
18:40:12.0355 0x0a38  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:40:12.0364 0x0a38  LSI_SAS2 - ok
18:40:12.0374 0x0a38  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:40:12.0381 0x0a38  LSI_SCSI - ok
18:40:12.0402 0x0a38  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:40:12.0424 0x0a38  luafv - ok
18:40:12.0432 0x0a38  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:40:12.0440 0x0a38  megasas - ok
18:40:12.0448 0x0a38  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:40:12.0457 0x0a38  MegaSR - ok
18:40:12.0504 0x0a38  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
18:40:12.0513 0x0a38  MEIx64 - ok
18:40:12.0544 0x0a38  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:40:12.0567 0x0a38  MMCSS - ok
18:40:12.0577 0x0a38  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:40:12.0598 0x0a38  Modem - ok
18:40:12.0633 0x0a38  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:40:12.0643 0x0a38  monitor - ok
18:40:12.0652 0x0a38  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:40:12.0659 0x0a38  mouclass - ok
18:40:12.0679 0x0a38  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:40:12.0688 0x0a38  mouhid - ok
18:40:12.0723 0x0a38  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:40:12.0732 0x0a38  mountmgr - ok
18:40:12.0743 0x0a38  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:40:12.0751 0x0a38  mpio - ok
18:40:12.0762 0x0a38  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:40:12.0785 0x0a38  mpsdrv - ok
18:40:12.0809 0x0a38  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:40:12.0849 0x0a38  MpsSvc - ok
18:40:12.0897 0x0a38  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:40:12.0910 0x0a38  MRxDAV - ok
18:40:12.0951 0x0a38  [ 341C65D6D4E9AB705258AC83511F7ADD, EE3F0874DA79C95DE5E5CEC94B1545C049DE21D8F05F63184F9F5DE9553C96A0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:40:12.0960 0x0a38  mrxsmb - ok
18:40:12.0979 0x0a38  [ F93EDDF0B69760456C6E0D73405AC078, 9EE64BAA6449A053C152783AD102DE88C3DBC79F8BEF25E5914DC736D495E9F3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:40:12.0991 0x0a38  mrxsmb10 - ok
18:40:12.0999 0x0a38  [ A558D659B722FE5FB8C6E1BF288F7316, 3E57FF595E9EA9D53881955E7652793888A4E55743190D653A9239FF07653D7B ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:40:13.0007 0x0a38  mrxsmb20 - ok
18:40:13.0038 0x0a38  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:40:13.0044 0x0a38  msahci - ok
18:40:13.0054 0x0a38  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:40:13.0066 0x0a38  msdsm - ok
18:40:13.0079 0x0a38  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:40:13.0089 0x0a38  MSDTC - ok
18:40:13.0105 0x0a38  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:40:13.0128 0x0a38  Msfs - ok
18:40:13.0133 0x0a38  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:40:13.0157 0x0a38  mshidkmdf - ok
18:40:13.0165 0x0a38  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:40:13.0172 0x0a38  msisadrv - ok
18:40:13.0185 0x0a38  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:40:13.0208 0x0a38  MSiSCSI - ok
18:40:13.0211 0x0a38  msiserver - ok
18:40:13.0229 0x0a38  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:40:13.0253 0x0a38  MSKSSRV - ok
18:40:13.0260 0x0a38  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:40:13.0284 0x0a38  MSPCLOCK - ok
18:40:13.0287 0x0a38  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:40:13.0308 0x0a38  MSPQM - ok
18:40:13.0339 0x0a38  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:40:13.0352 0x0a38  MsRPC - ok
18:40:13.0364 0x0a38  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:40:13.0371 0x0a38  mssmbios - ok
18:40:13.0374 0x0a38  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:40:13.0396 0x0a38  MSTEE - ok
18:40:13.0408 0x0a38  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:40:13.0415 0x0a38  MTConfig - ok
18:40:13.0431 0x0a38  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:40:13.0439 0x0a38  Mup - ok
18:40:13.0465 0x0a38  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:40:13.0495 0x0a38  napagent - ok
18:40:13.0527 0x0a38  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:40:13.0542 0x0a38  NativeWifiP - ok
18:40:13.0591 0x0a38  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:40:13.0613 0x0a38  NDIS - ok
18:40:13.0623 0x0a38  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:40:13.0645 0x0a38  NdisCap - ok
18:40:13.0662 0x0a38  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:40:13.0681 0x0a38  NdisTapi - ok
18:40:13.0691 0x0a38  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:40:13.0710 0x0a38  Ndisuio - ok
18:40:13.0725 0x0a38  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:40:13.0751 0x0a38  NdisWan - ok
18:40:13.0764 0x0a38  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:40:13.0786 0x0a38  NDProxy - ok
18:40:13.0793 0x0a38  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:40:13.0813 0x0a38  NetBIOS - ok
18:40:13.0849 0x0a38  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:40:13.0867 0x0a38  NetBT - ok
18:40:13.0873 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] Netlogon        C:\Windows\system32\lsass.exe
18:40:13.0881 0x0a38  Netlogon - ok
18:40:13.0923 0x0a38  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:40:13.0948 0x0a38  Netman - ok
18:40:13.0986 0x0a38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:13.0994 0x0a38  NetMsmqActivator - ok
18:40:13.0998 0x0a38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:14.0005 0x0a38  NetPipeActivator - ok
18:40:14.0026 0x0a38  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:40:14.0055 0x0a38  netprofm - ok
18:40:14.0060 0x0a38  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:14.0072 0x0a38  NetTcpActivator - ok
18:40:14.0205 0x0a38  [ 20EEDD348A664BAD06C4E1D381D1B57C, 32961CC3157227168169A633A75E1208C75F4F0735F0E9AE7CAD08AF6CCB3FDE ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
18:40:14.0256 0x0a38  Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
18:40:14.0461 0x0a38  Detect skipped due to KSN trusted
18:40:14.0462 0x0a38  Netzmanager Service - ok
18:40:14.0483 0x0a38  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:40:14.0490 0x0a38  nfrd960 - ok
18:40:14.0506 0x0a38  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:40:14.0519 0x0a38  NlaSvc - ok
18:40:14.0525 0x0a38  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:40:14.0549 0x0a38  Npfs - ok
18:40:14.0569 0x0a38  npggsvc - ok
18:40:14.0580 0x0a38  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:40:14.0601 0x0a38  nsi - ok
18:40:14.0613 0x0a38  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:40:14.0636 0x0a38  nsiproxy - ok
18:40:14.0707 0x0a38  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:40:14.0741 0x0a38  Ntfs - ok
18:40:14.0748 0x0a38  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:40:14.0772 0x0a38  Null - ok
18:40:14.0791 0x0a38  [ C1CBFEA565CB9BF8AE63657EE10DCE73, E908449BFB679D950764A2BA6A2B9875327605E399626F854BA8F968BDC14107 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:40:14.0801 0x0a38  NVHDA - ok
18:40:15.0039 0x0a38  [ 98C14B589F567F5880C0B514632949E7, 1445D242B94E2A2228AC91B70C6EBF5A7795999A62430CE8587FD67882E82CB3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:40:15.0221 0x0a38  nvlddmkm - ok
18:40:15.0368 0x0a38  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:40:15.0403 0x0a38  NvNetworkService - ok
18:40:15.0416 0x0a38  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:40:15.0424 0x0a38  nvraid - ok
18:40:15.0469 0x0a38  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:40:15.0479 0x0a38  nvstor - ok
18:40:15.0548 0x0a38  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:40:15.0554 0x0a38  NvStreamKms - ok
18:40:15.0707 0x0a38  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
18:40:15.0813 0x0a38  NvStreamNetworkSvc - ok
18:40:15.0921 0x0a38  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
18:40:16.0003 0x0a38  NvStreamSvc - ok
18:40:16.0055 0x0a38  [ 1BC6175DAFB0BFEAF8C927F109F912BF, EDEAC4AD10518FEDA9E827E60B840F8CBD2E22CC796E798941A8C64268115224 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:40:16.0079 0x0a38  nvsvc - ok
18:40:16.0088 0x0a38  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:40:16.0097 0x0a38  nvvad_WaveExtensible - ok
18:40:16.0112 0x0a38  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:40:16.0120 0x0a38  nv_agp - ok
18:40:16.0133 0x0a38  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:40:16.0141 0x0a38  ohci1394 - ok
18:40:16.0249 0x0a38  [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:40:16.0286 0x0a38  Origin Client Service - ok
18:40:16.0309 0x0a38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:40:16.0322 0x0a38  p2pimsvc - ok
18:40:16.0350 0x0a38  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:40:16.0366 0x0a38  p2psvc - ok
18:40:16.0376 0x0a38  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:40:16.0384 0x0a38  Parport - ok
18:40:16.0421 0x0a38  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:40:16.0427 0x0a38  partmgr - ok
18:40:16.0440 0x0a38  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:40:16.0450 0x0a38  PcaSvc - ok
18:40:16.0459 0x0a38  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:40:16.0468 0x0a38  pci - ok
18:40:16.0504 0x0a38  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:40:16.0509 0x0a38  pciide - ok
18:40:16.0514 0x0a38  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:40:16.0523 0x0a38  pcmcia - ok
18:40:16.0531 0x0a38  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:40:16.0537 0x0a38  pcw - ok
18:40:16.0575 0x0a38  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:40:16.0591 0x0a38  PEAUTH - ok
18:40:16.0635 0x0a38  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:40:16.0665 0x0a38  PeerDistSvc - ok
18:40:16.0708 0x0a38  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:40:16.0715 0x0a38  PerfHost - ok
18:40:16.0761 0x0a38  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:40:16.0803 0x0a38  pla - ok
18:40:16.0847 0x0a38  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:40:16.0861 0x0a38  PlugPlay - ok
18:40:16.0890 0x0a38  PnkBstrA - ok
18:40:16.0899 0x0a38  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:40:16.0909 0x0a38  PNRPAutoReg - ok
18:40:16.0926 0x0a38  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:40:16.0939 0x0a38  PNRPsvc - ok
18:40:16.0981 0x0a38  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:40:16.0999 0x0a38  PolicyAgent - ok
18:40:17.0012 0x0a38  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:40:17.0038 0x0a38  Power - ok
18:40:17.0057 0x0a38  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:40:17.0085 0x0a38  PptpMiniport - ok
18:40:17.0097 0x0a38  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:40:17.0106 0x0a38  Processor - ok
18:40:17.0128 0x0a38  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:40:17.0138 0x0a38  ProfSvc - ok
18:40:17.0157 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:40:17.0164 0x0a38  ProtectedStorage - ok
18:40:17.0177 0x0a38  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:40:17.0202 0x0a38  Psched - ok
18:40:17.0241 0x0a38  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:40:17.0269 0x0a38  ql2300 - ok
18:40:17.0283 0x0a38  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:40:17.0291 0x0a38  ql40xx - ok
18:40:17.0311 0x0a38  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:40:17.0327 0x0a38  QWAVE - ok
18:40:17.0331 0x0a38  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:40:17.0340 0x0a38  QWAVEdrv - ok
18:40:17.0367 0x0a38  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:40:17.0389 0x0a38  RasAcd - ok
18:40:17.0404 0x0a38  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:40:17.0425 0x0a38  RasAgileVpn - ok
18:40:17.0437 0x0a38  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:40:17.0459 0x0a38  RasAuto - ok
18:40:17.0466 0x0a38  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:40:17.0490 0x0a38  Rasl2tp - ok
18:40:17.0508 0x0a38  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:40:17.0537 0x0a38  RasMan - ok
18:40:17.0548 0x0a38  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:40:17.0579 0x0a38  RasPppoe - ok
18:40:17.0587 0x0a38  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:40:17.0609 0x0a38  RasSstp - ok
18:40:17.0699 0x0a38  [ EAD47E3689B1699768A38002810256F1, 12620512ADFD09E7B5B904879E147DDEDE8F21D1604212498D14B93D7FD421FD ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
18:40:17.0708 0x0a38  Razer Game Scanner Service - ok
18:40:17.0721 0x0a38  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:40:17.0748 0x0a38  rdbss - ok
18:40:17.0761 0x0a38  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:40:17.0772 0x0a38  rdpbus - ok
18:40:17.0788 0x0a38  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:40:17.0809 0x0a38  RDPCDD - ok
18:40:17.0840 0x0a38  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:40:17.0848 0x0a38  RDPDR - ok
18:40:17.0851 0x0a38  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:40:17.0871 0x0a38  RDPENCDD - ok
18:40:17.0876 0x0a38  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:40:17.0897 0x0a38  RDPREFMP - ok
18:40:18.0002 0x0a38  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:40:18.0009 0x0a38  RdpVideoMiniport - ok
18:40:18.0054 0x0a38  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:40:18.0064 0x0a38  RDPWD - ok
18:40:18.0079 0x0a38  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:40:18.0089 0x0a38  rdyboost - ok
18:40:18.0107 0x0a38  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:40:18.0132 0x0a38  RemoteAccess - ok
18:40:18.0183 0x0a38  [ 10E4D1F67A369A3F6E9CE00AC4A43BE0, D41D7DD9CBFB718AFE94883AE8E79832D4DA3321878BEAB81F4382DC1DFAB8A7 ] RemoteMouseService C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
18:40:18.0188 0x0a38  RemoteMouseService - detected UnsignedFile.Multi.Generic ( 1 )
18:40:18.0380 0x0a38  Detect skipped due to KSN trusted
18:40:18.0380 0x0a38  RemoteMouseService - ok
18:40:18.0399 0x0a38  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:40:18.0430 0x0a38  RemoteRegistry - ok
18:40:18.0460 0x0a38  [ 5BD6B1EC997FF3DD779D62E05D2079A8, BE4BDE29C134BAEDE4D35C777F2C6195F8C12FEF4583FAD2A442F8D1678B7FF7 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
18:40:18.0468 0x0a38  RMCAST - ok
18:40:18.0501 0x0a38  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:40:18.0523 0x0a38  RpcEptMapper - ok
18:40:18.0528 0x0a38  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:40:18.0536 0x0a38  RpcLocator - ok
18:40:18.0578 0x0a38  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
18:40:18.0592 0x0a38  RpcSs - ok
18:40:18.0603 0x0a38  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:40:18.0628 0x0a38  rspndr - ok
18:40:18.0676 0x0a38  [ 66E06E5B77F2323B1F11EB4C70B78328, D14A6DFF95EC897EA737623A8E60D6DEF12077A54648AC78FBD19BA11985CD77 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:40:18.0697 0x0a38  RTL8167 - ok
18:40:18.0729 0x0a38  [ 2ADA9F126235A56EDC9F90C888E4D142, 4CE692D045F6F8A7A1D309376648E81066F6EBAF94580F2ED0B0FFC1FE6FE44E ] RZMAELSTROMVADService C:\Windows\system32\drivers\RzMaelstromVAD.sys
18:40:18.0739 0x0a38  RZMAELSTROMVADService - ok
18:40:18.0775 0x0a38  [ 30A186D6A2A2853EEFAD7011E212E41B, 367B8FCCF29470C9237FC1F0EAEB59AE51E33778BC9914A2730AC7DDBC84942B ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
18:40:18.0783 0x0a38  rzpmgrk - ok
18:40:18.0809 0x0a38  [ 2229D5A9A92B62DF4DF9CF51F48436F7, 0507D893E3FD2917C81C1DC13CCB22AE5402AB6CA9FB8D89485010838050D08D ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
18:40:18.0819 0x0a38  rzpnk - ok
18:40:18.0884 0x0a38  [ 630BD8493D336E3FF45F1148A26A9819, 8E7FA60F0AB1964E0F5DA4E615672022CDA40056830CEB3251E02091EF6B636B ] RZSURROUNDVADService C:\Windows\system32\drivers\RzSurroundVAD.sys
18:40:18.0889 0x0a38  RZSURROUNDVADService - ok
18:40:19.0181 0x0a38  [ 478D794D1A0B5DA2AB17E305CCA3D58F, 8563B1D95B1075222E90F839855C7882B7FB554C42AF7B630968960DF53CED7F ] RzSurroundVADStreamingService C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
18:40:19.0256 0x0a38  RzSurroundVADStreamingService - detected UnsignedFile.Multi.Generic ( 1 )
18:40:19.0655 0x0a38  Detect skipped due to KSN trusted
18:40:19.0656 0x0a38  RzSurroundVADStreamingService - ok
18:40:19.0677 0x0a38  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:40:19.0683 0x0a38  s3cap - ok
18:40:19.0690 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] SamSs           C:\Windows\system32\lsass.exe
18:40:19.0700 0x0a38  SamSs - ok
18:40:19.0720 0x0a38  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:40:19.0728 0x0a38  sbp2port - ok
18:40:19.0741 0x0a38  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:40:19.0766 0x0a38  SCardSvr - ok
18:40:19.0777 0x0a38  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:40:19.0797 0x0a38  scfilter - ok
18:40:19.0850 0x0a38  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:40:19.0876 0x0a38  Schedule - ok
18:40:19.0895 0x0a38  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:40:19.0921 0x0a38  SCPolicySvc - ok
18:40:19.0933 0x0a38  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:40:19.0943 0x0a38  SDRSVC - ok
18:40:19.0949 0x0a38  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:40:19.0997 0x0a38  secdrv - ok
18:40:20.0038 0x0a38  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:40:20.0045 0x0a38  seclogon - ok
18:40:20.0052 0x0a38  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:40:20.0076 0x0a38  SENS - ok
18:40:20.0084 0x0a38  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:40:20.0091 0x0a38  SensrSvc - ok
18:40:20.0103 0x0a38  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
18:40:20.0112 0x0a38  Serenum - ok
18:40:20.0126 0x0a38  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
18:40:20.0134 0x0a38  Serial - ok
18:40:20.0145 0x0a38  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:40:20.0155 0x0a38  sermouse - ok
18:40:20.0172 0x0a38  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:40:20.0195 0x0a38  SessionEnv - ok
18:40:20.0210 0x0a38  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:40:20.0219 0x0a38  sffdisk - ok
18:40:20.0228 0x0a38  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:40:20.0241 0x0a38  sffp_mmc - ok
18:40:20.0244 0x0a38  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:40:20.0257 0x0a38  sffp_sd - ok
18:40:20.0260 0x0a38  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:40:20.0267 0x0a38  sfloppy - ok
18:40:20.0292 0x0a38  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:40:20.0319 0x0a38  SharedAccess - ok
18:40:20.0333 0x0a38  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:40:20.0360 0x0a38  ShellHWDetection - ok
18:40:20.0373 0x0a38  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:40:20.0379 0x0a38  SiSRaid2 - ok
18:40:20.0386 0x0a38  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:40:20.0393 0x0a38  SiSRaid4 - ok
18:40:20.0461 0x0a38  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:40:20.0473 0x0a38  SkypeUpdate - ok
18:40:20.0496 0x0a38  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:40:20.0519 0x0a38  Smb - ok
18:40:20.0543 0x0a38  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:40:20.0551 0x0a38  SNMPTRAP - ok
18:40:20.0554 0x0a38  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:40:20.0560 0x0a38  spldr - ok
18:40:20.0581 0x0a38  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:40:20.0597 0x0a38  Spooler - ok
18:40:20.0678 0x0a38  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:40:20.0761 0x0a38  sppsvc - ok
18:40:20.0776 0x0a38  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:40:20.0802 0x0a38  sppuinotify - ok
18:40:20.0836 0x0a38  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:40:20.0850 0x0a38  srv - ok
18:40:20.0890 0x0a38  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:40:20.0908 0x0a38  srv2 - ok
18:40:20.0945 0x0a38  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:40:20.0954 0x0a38  srvnet - ok
18:40:20.0965 0x0a38  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:40:20.0990 0x0a38  SSDPSRV - ok
18:40:20.0997 0x0a38  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:40:21.0019 0x0a38  SstpSvc - ok
18:40:21.0117 0x0a38  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:40:21.0147 0x0a38  Steam Client Service - ok
18:40:21.0223 0x0a38  [ 0E952C9DDE28962922CCDEFA0BF8C425, 41AEA8777DDDE907E94B69A0D03D4EAD4983DB1B798CB01A77E4D8E57CA4A9AD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:40:21.0235 0x0a38  Stereo Service - ok
18:40:21.0258 0x0a38  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:40:21.0264 0x0a38  stexstor - ok
18:40:21.0279 0x0a38  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:40:21.0298 0x0a38  stisvc - ok
18:40:21.0315 0x0a38  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:40:21.0322 0x0a38  storflt - ok
18:40:21.0331 0x0a38  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
18:40:21.0343 0x0a38  StorSvc - ok
18:40:21.0361 0x0a38  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:40:21.0368 0x0a38  storvsc - ok
18:40:21.0377 0x0a38  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:40:21.0382 0x0a38  swenum - ok
18:40:21.0401 0x0a38  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:40:21.0435 0x0a38  swprv - ok
18:40:21.0498 0x0a38  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:40:21.0533 0x0a38  SysMain - ok
18:40:21.0544 0x0a38  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:40:21.0555 0x0a38  TabletInputService - ok
18:40:21.0565 0x0a38  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:40:21.0593 0x0a38  TapiSrv - ok
18:40:21.0659 0x0a38  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:40:21.0695 0x0a38  Tcpip - ok
18:40:21.0733 0x0a38  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:40:21.0773 0x0a38  TCPIP6 - ok
18:40:21.0816 0x0a38  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:40:21.0828 0x0a38  tcpipreg - ok
18:40:21.0844 0x0a38  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:40:21.0851 0x0a38  TDPIPE - ok
18:40:21.0883 0x0a38  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:40:21.0891 0x0a38  TDTCP - ok
18:40:21.0928 0x0a38  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:40:21.0937 0x0a38  tdx - ok
18:40:22.0002 0x0a38  [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6      C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
18:40:22.0008 0x0a38  TelekomNM6 - ok
18:40:22.0022 0x0a38  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:40:22.0031 0x0a38  TermDD - ok
18:40:22.0077 0x0a38  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:40:22.0094 0x0a38  TermService - ok
18:40:22.0126 0x0a38  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:40:22.0137 0x0a38  Themes - ok
18:40:22.0171 0x0a38  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:40:22.0191 0x0a38  THREADORDER - ok
18:40:22.0207 0x0a38  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:40:22.0229 0x0a38  TrkWks - ok
18:40:22.0284 0x0a38  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:40:22.0306 0x0a38  TrustedInstaller - ok
18:40:22.0345 0x0a38  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:40:22.0353 0x0a38  tssecsrv - ok
18:40:22.0395 0x0a38  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:40:22.0405 0x0a38  TsUsbFlt - ok
18:40:22.0439 0x0a38  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:40:22.0450 0x0a38  TsUsbGD - ok
18:40:22.0477 0x0a38  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:40:22.0511 0x0a38  tunnel - ok
18:40:22.0523 0x0a38  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:40:22.0532 0x0a38  uagp35 - ok
18:40:22.0550 0x0a38  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:40:22.0575 0x0a38  udfs - ok
18:40:22.0596 0x0a38  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:40:22.0604 0x0a38  UI0Detect - ok
18:40:22.0619 0x0a38  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:40:22.0626 0x0a38  uliagpkx - ok
18:40:22.0642 0x0a38  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:40:22.0649 0x0a38  umbus - ok
18:40:22.0661 0x0a38  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:40:22.0669 0x0a38  UmPass - ok
18:40:22.0693 0x0a38  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:40:22.0707 0x0a38  UmRdpService - ok
18:40:22.0721 0x0a38  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:40:22.0749 0x0a38  upnphost - ok
18:40:22.0792 0x0a38  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:40:22.0801 0x0a38  usbaudio - ok
18:40:22.0832 0x0a38  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:40:22.0841 0x0a38  usbccgp - ok
18:40:22.0877 0x0a38  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:40:22.0885 0x0a38  usbcir - ok
18:40:22.0899 0x0a38  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:40:22.0908 0x0a38  usbehci - ok
18:40:22.0921 0x0a38  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:40:22.0932 0x0a38  usbhub - ok
18:40:22.0943 0x0a38  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:40:22.0951 0x0a38  usbohci - ok
18:40:22.0957 0x0a38  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:40:22.0966 0x0a38  usbprint - ok
18:40:22.0999 0x0a38  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:40:23.0007 0x0a38  USBSTOR - ok
18:40:23.0021 0x0a38  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:40:23.0031 0x0a38  usbuhci - ok
18:40:23.0066 0x0a38  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:40:23.0092 0x0a38  UxSms - ok
18:40:23.0096 0x0a38  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] VaultSvc        C:\Windows\system32\lsass.exe
18:40:23.0104 0x0a38  VaultSvc - ok
18:40:23.0121 0x0a38  VBAudioVACMME - ok
18:40:23.0165 0x0a38  [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
18:40:23.0175 0x0a38  VBoxUSBMon - ok
18:40:23.0181 0x0a38  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:40:23.0188 0x0a38  vdrvroot - ok
18:40:23.0210 0x0a38  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:40:23.0239 0x0a38  vds - ok
18:40:23.0253 0x0a38  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:40:23.0261 0x0a38  vga - ok
18:40:23.0272 0x0a38  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:40:23.0298 0x0a38  VgaSave - ok
18:40:23.0314 0x0a38  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:40:23.0323 0x0a38  vhdmp - ok
18:40:23.0363 0x0a38  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:40:23.0369 0x0a38  viaide - ok
18:40:23.0396 0x0a38  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:40:23.0405 0x0a38  vmbus - ok
18:40:23.0419 0x0a38  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:40:23.0426 0x0a38  VMBusHID - ok
18:40:23.0444 0x0a38  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:40:23.0452 0x0a38  volmgr - ok
18:40:23.0461 0x0a38  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:40:23.0472 0x0a38  volmgrx - ok
18:40:23.0489 0x0a38  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:40:23.0501 0x0a38  volsnap - ok
18:40:23.0518 0x0a38  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:40:23.0526 0x0a38  vsmraid - ok
18:40:23.0562 0x0a38  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:40:23.0605 0x0a38  VSS - ok
18:40:23.0618 0x0a38  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:40:23.0629 0x0a38  vwifibus - ok
18:40:23.0648 0x0a38  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:40:23.0658 0x0a38  vwififlt - ok
18:40:23.0676 0x0a38  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:40:23.0685 0x0a38  vwifimp - ok
18:40:23.0702 0x0a38  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:40:23.0728 0x0a38  W32Time - ok
18:40:23.0740 0x0a38  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:40:23.0748 0x0a38  WacomPen - ok
18:40:23.0765 0x0a38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:40:23.0788 0x0a38  WANARP - ok
18:40:23.0793 0x0a38  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:40:23.0814 0x0a38  Wanarpv6 - ok
18:40:23.0848 0x0a38  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:40:23.0883 0x0a38  wbengine - ok
18:40:23.0896 0x0a38  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:40:23.0914 0x0a38  WbioSrvc - ok
18:40:23.0933 0x0a38  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:40:23.0949 0x0a38  wcncsvc - ok
18:40:23.0955 0x0a38  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:40:23.0965 0x0a38  WcsPlugInService - ok
18:40:23.0971 0x0a38  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:40:23.0977 0x0a38  Wd - ok
18:40:24.0018 0x0a38  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:40:24.0039 0x0a38  Wdf01000 - ok
18:40:24.0068 0x0a38  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:40:24.0079 0x0a38  WdiServiceHost - ok
18:40:24.0084 0x0a38  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:40:24.0092 0x0a38  WdiSystemHost - ok
18:40:24.0126 0x0a38  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:40:24.0137 0x0a38  WebClient - ok
18:40:24.0150 0x0a38  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:40:24.0180 0x0a38  Wecsvc - ok
18:40:24.0188 0x0a38  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:40:24.0218 0x0a38  wercplsupport - ok
18:40:24.0234 0x0a38  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:40:24.0264 0x0a38  WerSvc - ok
18:40:24.0275 0x0a38  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:40:24.0300 0x0a38  WfpLwf - ok
18:40:24.0321 0x0a38  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:40:24.0327 0x0a38  WIMMount - ok
18:40:24.0336 0x0a38  WinDefend - ok
18:40:24.0350 0x0a38  WinHttpAutoProxySvc - ok
18:40:24.0407 0x0a38  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:40:24.0435 0x0a38  Winmgmt - ok
18:40:24.0498 0x0a38  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:40:24.0536 0x0a38  WinRM - ok
18:40:24.0577 0x0a38  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:40:24.0588 0x0a38  WinUsb - ok
18:40:24.0612 0x0a38  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:40:24.0639 0x0a38  Wlansvc - ok
18:40:24.0653 0x0a38  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:40:24.0662 0x0a38  WmiAcpi - ok
18:40:24.0682 0x0a38  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:40:24.0693 0x0a38  wmiApSrv - ok
18:40:24.0705 0x0a38  WMPNetworkSvc - ok
18:40:24.0718 0x0a38  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:40:24.0725 0x0a38  WPCSvc - ok
18:40:24.0739 0x0a38  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:40:24.0750 0x0a38  WPDBusEnum - ok
18:40:24.0765 0x0a38  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:40:24.0793 0x0a38  ws2ifsl - ok
18:40:24.0801 0x0a38  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:40:24.0812 0x0a38  wscsvc - ok
18:40:24.0814 0x0a38  WSearch - ok
18:40:24.0895 0x0a38  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:40:24.0954 0x0a38  wuauserv - ok
18:40:24.0988 0x0a38  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:40:24.0998 0x0a38  WudfPf - ok
18:40:25.0019 0x0a38  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:40:25.0030 0x0a38  WUDFRd - ok
18:40:25.0044 0x0a38  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:40:25.0052 0x0a38  wudfsvc - ok
18:40:25.0087 0x0a38  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:40:25.0098 0x0a38  WwanSvc - ok
18:40:25.0108 0x0a38  xhunter1 - ok
18:40:25.0137 0x0a38  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:40:25.0144 0x0a38  xusb21 - ok
18:40:25.0158 0x0a38  ================ Scan global ===============================
18:40:25.0186 0x0a38  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:40:25.0247 0x0a38  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:40:25.0258 0x0a38  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:40:25.0297 0x0a38  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:40:25.0313 0x0a38  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:40:25.0318 0x0a38  [ Global ] - ok
18:40:25.0318 0x0a38  ================ Scan MBR ==================================
18:40:25.0329 0x0a38  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:40:25.0455 0x0a38  \Device\Harddisk0\DR0 - ok
18:40:25.0455 0x0a38  ================ Scan VBR ==================================
18:40:25.0475 0x0a38  [ 1C4185BEECE1EF06B0FB26070D32C511 ] \Device\Harddisk0\DR0\Partition1
18:40:25.0476 0x0a38  \Device\Harddisk0\DR0\Partition1 - ok
18:40:25.0486 0x0a38  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
18:40:25.0486 0x0a38  \Device\Harddisk0\DR0\Partition2 - ok
18:40:25.0495 0x0a38  [ 6BB777D5BC757C0F01C60F8672BDEE93 ] \Device\Harddisk0\DR0\Partition3
18:40:25.0497 0x0a38  \Device\Harddisk0\DR0\Partition3 - ok
18:40:25.0497 0x0a38  ================ Scan generic autorun ======================
18:40:25.0624 0x0a38  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:40:25.0638 0x0a38  AdobeAAMUpdater-1.0 - ok
18:40:25.0743 0x0a38  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:40:25.0817 0x0a38  NvBackend - ok
18:40:25.0839 0x0a38  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:40:25.0847 0x0a38  ShadowPlay - ok
18:40:25.0939 0x0a38  [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:40:25.0947 0x0a38  Avira SystrayStartTrigger - ok
18:40:26.0002 0x0a38  [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
18:40:26.0020 0x0a38  avgnt - ok
18:40:26.0021 0x0a38  Sidebar - ok
18:40:26.0041 0x0a38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:40:26.0073 0x0a38  mctadmin - ok
18:40:26.0074 0x0a38  Sidebar - ok
18:40:26.0079 0x0a38  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:40:26.0096 0x0a38  mctadmin - ok
18:40:26.0314 0x0a38  [ 63405C389EB81881D68AEEB0E05F3F7D, BBE8D64C600A6FCA4BF4B89EF39B551DEB8ED826C33FD6FB2C7E2F7D773AB0E2 ] C:\Program Files\CCleaner\CCleaner64.exe
18:40:26.0509 0x0a38  CCleaner Monitoring - ok
18:40:26.0608 0x0a38  [ 562A46474509A0F52C5035727207FD40, 47769A2738B11C2A6D459663249BD9CD79ACF4E1178768F1DF5ADEA11B3079E0 ] c:\users\philip\appdata\local\chromium\application\chrome.exe
18:40:26.0627 0x0a38  Chromium - detected UnsignedFile.Multi.Generic ( 1 )
18:40:26.0936 0x0a38  Chromium ( UnsignedFile.Multi.Generic ) - warning
18:40:26.0936 0x0a38  Force sending object to P2P due to detect: c:\users\philip\appdata\local\chromium\application\chrome.exe
18:40:27.0240 0x0a38  Object send P2P result: true
18:40:27.0386 0x0a38  Waiting for KSN requests completion. In queue: 87
18:40:28.0429 0x0a38  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated )
18:40:28.0431 0x0a38  Win FW state via NFP2: enabled ( trusted )
18:40:31.0623 0x0a38  ============================================================
18:40:31.0623 0x0a38  Scan finished
18:40:31.0623 0x0a38  ============================================================
18:40:31.0629 0x1858  Detected object count: 1
18:40:31.0629 0x1858  Actual detected object count: 1
18:40:47.0363 0x1858  Chromium ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:47.0363 0x1858  Chromium ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Malwarebytes 16-09-40

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.09.18.03
  rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18449
Philip :: PHILIP-PC [administrator]

18.09.2016 16:09:40
mbar-log-2016-09-18 (16-09-40).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 308518
Time elapsed: 16 minute(s), 35 second(s)

Memory Processes Detected: 1
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (Trojan.Dropper) -> 2096 -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rtop (Trojan.Dropper) -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Registry Values Detected: 2
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES| (Hijack.AutoConfigURL.PrxySvrRST) -> Data: 0hxxp://stoppblock.biz/wpad.dat?6ba80ce219a0b44a6786c68f59bafa6215506628 -> Delete on reboot. [f2a98be827734ceac8dce9ca2adab34d]
HKU\S-1-5-21-4121084442-288992259-759938091-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl (Hijack.AutoConfigURL.PrxySvrRST) -> Data: hxxp://stoppblock.biz/wpad.dat?6ba80ce219a0b44a6786c68f59bafa6215506628 -> Delete on reboot. [1e7db9ba7426c670d3d204afc63e7d83]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (Trojan.Dropper) -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Malwarebytes 16-43-11

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.09.18.03
  rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18449
Philip :: PHILIP-PC [administrator]

18.09.2016 16:43:11
mbar-log-2016-09-18 (16-43-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 307640
Time elapsed: 17 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
__________________

Alt 19.09.2016, 20:30   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.09.2016, 21:26   #5
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Avira ist jetzt deinstalliert


Alt 20.09.2016, 09:45   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Gut, dann weiter mit JRT

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
--> Win7, Pop-up Probleme bei Chrome

Alt 20.09.2016, 11:40   #7
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64 
Ran by Philip (Administrator) on 20.09.2016 at 11:37:40,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 51 

Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\Users\Philip\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\nico mak computing (Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYNBJ5Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\616B2EIR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BGKP0DW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M01D2CL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A86MTNDT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BU32VV8S (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGQ2LMGA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET3JX4N4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSVOI9R0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAUYADBT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P04HB3ZP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PPFKTDGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGIZZ65M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QLRTGR8I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R81DMQY2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGN3XEU (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWMWG3FQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAK4800V (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8CJX0S4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOK89Q9F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYNBJ5Z (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\616B2EIR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BGKP0DW (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M01D2CL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A86MTNDT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BU32VV8S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGQ2LMGA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET3JX4N4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSVOI9R0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAUYADBT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P04HB3ZP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PPFKTDGC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGIZZ65M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QLRTGR8I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R81DMQY2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGN3XEU (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWMWG3FQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAK4800V (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8CJX0S4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOK89Q9F (Temporary Internet Files Folder) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2016 at 11:39:47,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 20.09.2016, 11:48   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2016, 11:51   #9
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016
durchgeführt von Philip (Administrator) auf PHILIP-PC (20-09-2016 11:50:27)
Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [Chromium] => c:\users\philip\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {95d9ec57-4cfd-11e5-b1dc-806e6f6e6963} - D:\LaunchU3.exe -a
HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {b8943bd8-7869-11e6-b641-d05099767378} - D:\LaunchU3.exe -a

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{87A8199B-4AD4-4FD9-A2C6-CA68A6A8E5BF}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B72FD6E1-AAB7-4E1B-AD18-2B2FFB6718F6}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{CBF9AD99-F54B-44A9-A1EC-3046EAC462C3}: [DhcpNameServer] 192.168.2.1 192.168.2.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4121084442-288992259-759938091-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-06-15] (Perfect World Entertainment Inc)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default
FF Homepage: Google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Extension: (Firefox Hotfix) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17]
FF Extension: (BetterTTV) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox@betterttv.net.xpi [2016-09-17]
FF Extension: (Adblock Plus) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-19]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2016-09-20]
CHR Extension: (Google Präsentationen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11]
CHR Extension: (BetterTTV) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11]
CHR Extension: (Google Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11]
CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11]
CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11]
CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-13]
CHR Extension: (Google Tabellen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11]
CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11]
CHR Extension: (Mists of Pandaria) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgekjpcoanfekfacmkppcjkdlnpmnlac [2016-09-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11]
CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-28] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2868736 2015-06-11] (Deutsche Telekom AG) [Datei ist nicht signiert]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3520872 2015-09-22] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-03-27] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] ()
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert]
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 11:42 - 2016-09-20 11:50 - 00000000 ____D C:\Users\Philip\Downloads\Cleantools und Logs
2016-09-18 18:39 - 2016-09-18 18:44 - 00202712 _____ C:\TDSSKiller.3.1.0.11_18.09.2016_18.39.31_log.txt
2016-09-18 17:55 - 2016-09-18 18:01 - 00000000 ____D C:\AdwCleaner
2016-09-18 17:10 - 2016-09-20 11:50 - 00000000 ____D C:\FRST
2016-09-18 16:39 - 2016-09-18 16:39 - 00003288 ____N C:\bootsqm.dat
2016-09-18 16:09 - 2016-09-18 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-09-18 16:09 - 2016-09-18 16:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-18 16:09 - 2016-09-18 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-18 16:08 - 2016-09-18 16:42 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-09-18 14:06 - 2016-09-18 14:06 - 00000000 ____D C:\Users\Philip\AppData\Local\Macromedia
2016-09-18 13:53 - 2016-09-20 11:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-18 13:53 - 2016-09-18 13:53 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-18 13:53 - 2016-09-18 13:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-18 13:53 - 2016-09-18 13:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-18 13:53 - 2016-09-18 13:53 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-17 20:16 - 2016-09-17 20:24 - 00000000 ____D C:\Users\Philip\AppData\Local\Mozilla
2016-09-17 20:16 - 2016-09-17 20:16 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-17 20:16 - 2016-09-17 20:16 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-09-17 20:16 - 2016-09-17 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-17 20:15 - 2016-09-17 20:15 - 00242296 _____ C:\Users\Philip\Downloads\Firefox Setup Stub 48.0.2.exe
2016-09-15 23:26 - 2016-09-15 23:26 - 00000674 _____ C:\Users\Philip\Desktop\Star Defender 4.lnk
2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Awem
2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com
2016-09-15 23:25 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\Desktop\Star Defender 4
2016-09-15 23:24 - 2016-09-15 23:25 - 13088376 _____ (GameTop Pte. Ltd. ) C:\Users\Philip\Downloads\Star-Defender4.exe
2016-09-15 11:02 - 2016-05-07 00:50 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-09-14 09:22 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 09:22 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-14 09:22 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-14 09:22 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-14 09:22 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-14 09:22 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 09:22 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-14 09:22 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 09:22 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-14 09:22 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-14 09:22 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-14 09:22 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 09:22 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-14 09:22 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-14 09:22 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-14 09:22 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 09:22 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-14 09:22 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-14 09:22 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-14 09:22 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-14 09:22 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-14 09:22 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-14 09:22 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-14 09:22 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-14 09:22 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-14 09:22 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-14 09:22 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 09:22 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-14 09:22 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-14 09:22 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 09:22 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 09:22 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 09:22 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 09:22 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 09:22 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-14 09:22 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-14 09:22 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 09:22 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-14 09:22 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-14 09:22 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-14 09:22 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-14 09:22 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-14 09:22 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-14 09:22 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-14 09:22 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-14 09:22 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 09:22 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-14 09:22 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 09:22 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-14 09:22 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-14 09:22 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-14 09:22 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-14 09:22 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-14 09:22 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-14 09:22 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-14 09:22 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-14 09:22 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-14 09:22 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-14 09:22 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 09:22 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-14 09:22 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-14 09:22 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 09:22 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 09:22 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 09:22 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 09:22 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 09:22 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 09:22 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 09:21 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 09:21 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 09:21 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-14 09:21 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 09:21 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-14 09:21 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-14 09:21 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-14 09:21 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-14 09:21 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-14 09:21 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-14 09:21 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-14 09:21 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-14 09:21 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 09:21 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 09:21 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 09:21 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-14 09:21 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-14 09:21 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-14 09:21 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-14 09:21 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-14 09:21 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-14 09:21 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 09:21 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 09:21 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 09:21 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 09:21 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 09:21 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 09:21 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-14 09:21 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-09-14 09:21 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-09-14 09:21 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-09-14 09:21 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-09-14 09:21 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-14 09:21 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-09-14 09:21 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-14 09:21 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-09-14 09:21 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-09-14 09:21 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-09-13 20:02 - 2016-09-13 20:02 - 30533688 _____ C:\Users\Philip\Downloads\vlc-2.2.4-win32 (1).exe
2016-09-11 23:56 - 2016-09-17 02:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-11 23:56 - 2016-09-17 02:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-11 23:56 - 2016-09-12 00:14 - 00000000 ____D C:\Users\Philip\AppData\Local\chromium
2016-09-11 23:55 - 2016-09-20 11:35 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-11 23:55 - 2016-09-19 23:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-11 23:55 - 2016-09-12 00:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-11 23:55 - 2016-09-12 00:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-11 23:54 - 2016-09-18 18:01 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-09-11 15:29 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Real
2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\RealNetworks
2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\ProgramData\RealNetworks
2016-09-11 15:27 - 2016-09-11 15:29 - 00000000 ____D C:\ProgramData\Real
2016-09-11 15:26 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Real
2016-09-03 12:42 - 2016-01-12 06:40 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-09-03 12:41 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-09-03 12:41 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-09-02 15:58 - 2016-09-12 18:25 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-09-02 15:39 - 2016-09-02 15:39 - 00000000 ____D C:\Program Files\VB
2016-09-01 13:14 - 2016-09-01 13:14 - 00000000 ____D C:\ProgramData\Webitar Production Inc
2016-08-29 14:34 - 2016-08-29 21:21 - 00000000 ____D C:\Program Files (x86)\ClipboardManager
2016-08-29 14:34 - 2016-08-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipboardManager
2016-08-29 12:52 - 2016-08-29 12:52 - 00000000 ____D C:\ProgramData\UniqueId
2016-08-29 12:50 - 2016-09-03 09:55 - 00000000 ____D C:\ProgramData\WinZip
2016-08-27 09:24 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-08-27 09:23 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys
2016-08-27 08:57 - 2016-08-27 08:57 - 00000000 __SHD C:\found.000
2016-08-24 23:03 - 2016-09-01 21:16 - 00000000 ____D C:\Program Files\Unity
2016-08-23 12:28 - 2016-08-28 22:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TeamViewer
2016-08-23 11:40 - 2016-08-23 11:40 - 00000000 ____H C:\Users\Philip\Documents\Default.rdp
2016-08-22 21:29 - 2016-08-22 21:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 11:48 - 2016-06-12 11:47 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-09-20 11:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-20 11:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-20 11:35 - 2015-08-28 06:37 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-20 11:35 - 2015-08-28 06:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-20 11:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-19 23:29 - 2015-08-27 23:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-19 21:23 - 2015-08-29 14:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-19 21:23 - 2015-08-28 06:37 - 00000000 ____D C:\ProgramData\Avira
2016-09-19 00:58 - 2015-08-28 21:42 - 00000000 ____D C:\Users\Philip\AppData\Local\osu!
2016-09-18 18:01 - 2015-08-27 22:56 - 00000997 _____ C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-18 17:12 - 2015-09-07 23:46 - 00000000 ____D C:\Users\Philip\Desktop\Tor Browser
2016-09-18 16:28 - 2015-12-25 09:26 - 00000000 ____D C:\Windows\Minidump
2016-09-18 13:58 - 2015-09-04 11:52 - 00000000 ____D C:\Users\Philip\AppData\Local\Adobe
2016-09-18 13:53 - 2016-04-16 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-17 20:16 - 2015-12-14 19:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Mozilla
2016-09-15 22:07 - 2015-08-28 23:01 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2016-09-14 23:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-09-14 22:49 - 2011-04-12 09:43 - 00661538 _____ C:\Windows\system32\perfh007.dat
2016-09-14 22:49 - 2011-04-12 09:43 - 00141550 _____ C:\Windows\system32\perfc007.dat
2016-09-14 22:49 - 2009-07-14 07:13 - 01528932 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-14 22:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-14 22:43 - 2009-07-14 06:45 - 00337704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-14 22:41 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-09-14 22:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-14 20:36 - 2015-08-28 16:34 - 00000000 ____D C:\Windows\system32\MRT
2016-09-14 20:31 - 2015-08-28 16:34 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 20:08 - 2015-09-17 20:39 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2016-09-12 18:25 - 2016-07-20 15:09 - 00000000 ____D C:\Users\Philip\AppData\Local\Nox
2016-09-12 18:25 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip
2016-09-11 23:56 - 2015-08-27 23:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-11 23:51 - 2016-06-09 15:33 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-11 23:49 - 2016-07-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-09-11 23:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-09-06 00:08 - 2016-07-20 15:12 - 00000000 ____D C:\Users\Philip\.android
2016-09-06 00:08 - 2016-07-20 15:11 - 00000000 ____D C:\Users\Philip\vmlogs
2016-09-04 21:04 - 2015-08-30 17:35 - 00000726 _____ C:\Users\Philip\Desktop\Neues Textdokument.txt
2016-09-03 12:42 - 2015-08-28 06:25 - 00000000 ____D C:\Users\Philip\AppData\Local\NVIDIA
2016-09-03 12:42 - 2015-08-28 06:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-01 13:37 - 2015-11-23 20:39 - 00000000 ____D C:\Users\Philip\Documents\PCSX2
2016-09-01 13:15 - 2016-02-05 21:36 - 00001267 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2016-09-01 13:15 - 2015-11-30 21:59 - 00001177 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2016-08-30 16:04 - 2016-08-20 21:29 - 00000000 ____D C:\Users\Philip\BrawlhallaReplays
2016-08-30 11:54 - 2015-08-28 06:25 - 00000000 ____D C:\ProgramData\Origin
2016-08-30 11:54 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip\AppData\Local\VirtualStore
2016-08-30 11:08 - 2015-08-28 06:24 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-27 09:23 - 2016-07-20 19:04 - 00000000 ____D C:\Users\Philip\Desktop\Nox
2016-08-27 09:23 - 2016-07-20 15:10 - 00000000 ____D C:\Program Files\DIFX
2016-08-25 21:20 - 2016-06-16 11:31 - 00001491 _____ C:\Users\Philip\Desktop\Keys.txt
2016-08-25 16:13 - 2016-03-12 13:24 - 00002166 _____ C:\Users\Philip\Desktop\Discord.lnk
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\discord
2016-08-25 16:13 - 2016-03-12 13:23 - 00000000 ____D C:\Users\Philip\AppData\Local\Discord

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-31 02:43 - 2016-07-05 20:41 - 0007631 _____ () C:\Users\Philip\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe
C:\Users\Philip\AppData\Local\Temp\libeay32.dll
C:\Users\Philip\AppData\Local\Temp\msvcr120.dll
C:\Users\Philip\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-15 00:06

==================== Ende von FRST.txt ============================
         

Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von Philip (20-09-2016 11:50:55)
Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs
Windows 7 Professional Service Pack 1 (X64) (2015-08-27 20:55:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4121084442-288992259-759938091-500 - Administrator - Disabled)
Gast (S-1-5-21-4121084442-288992259-759938091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121084442-288992259-759938091-1002 - Limited - Enabled)
Philip (S-1-5-21-4121084442-288992259-759938091-1000 - Administrator - Enabled) => C:\Users\Philip

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version:  - X-Legend)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
Brawlhalla (HKLM\...\Steam App 291550) (Version:  - Blue Mammoth Games)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Chatango Message Catcher (HKLM-x32\...\Chatango) (Version:  - )
Cossacks: Back to War (HKLM\...\Steam App 4850) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Crystals of Time (HKLM\...\Steam App 306410) (Version:  - RVL Games)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version:  - Daedalic Entertainment)
Discord (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC)
Echo of Soul (HKLM\...\Steam App 290140) (Version:  - Nvius)
Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fairy Fencer F (HKLM\...\Steam App 347830) (Version:  - Idea Factory)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version:  - Neople)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Life is Feudal: Your Own (HKLM\...\Steam App 290080) (Version:  - Bitbox Ltd.)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version:  - CyberConnect 2)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version:  - CyberConnect2 Co., Ltd.)
Netzmanager (Version: 1.201 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{15eb2f2d-51e3-4d74-861d-6ecb8d67a749}) (Version: latest - ppy Pty Ltd)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.19 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Riders of Icarus (HKLM\...\Steam App 442080) (Version:  - WeMade)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
S4 League (HKLM-x32\...\S4 League) (Version:  - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version:  - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version:  - Aspyr Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
Trove (HKLM-x32\...\Steam App 304050) (Version:  - Trion Worlds)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warface (HKLM\...\Steam App 291480) (Version:  - Crytek)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {17937C0B-6587-49B8-95E5-06B766B0A4AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {36CB3D2D-3938-4F3B-8935-151A98F0DB6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-18] (Adobe Systems Incorporated)
Task: {3D164FAE-063E-4F36-BCDC-F1288127F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)
Task: {71C82F22-CFFF-4034-BF7F-5DC785375BE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {90EA9818-4ACA-429F-BBF7-6BBF28724254} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Philip\Desktop\Sauerbraten.lnk -> C:\Program Files (x86)\Sauerbraten\sauerbraten.bat ()

ShortcutWithArgument: C:\Users\Philip\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Philip\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Dragon's Prophet.lnk -> C:\Program Files (x86)\Dragon's Prophet\launcher.exe () -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-03 12:42 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-27 21:19 - 2016-03-27 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-20 02:10 - 2016-07-20 02:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-24 19:54 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2015-08-28 06:23 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-09-14 22:43 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4121084442-288992259-759938091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chatango => C:\Program Files (x86)\Chatango\Chatango.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1FDFD353-DB95-424E-BD39-D1B3F3C51093}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB1882BA-AB47-469E-949C-AEA85B50E1EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38812632-1CDF-4714-8530-F439F89DDB46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{63AD4D90-F7DC-4FA9-B7C0-BEA545F5A186}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64830CE0-6278-4023-AEC0-F5EFBB732124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1017A8C-F000-42D2-8EDD-7CAA17A0E423}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AF8D9A9-EFD5-4DD4-9F0A-0EC07DFC3DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{46457780-E5CA-4021-81D8-9287C19C5A04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CBF8DA71-277A-49E4-B044-2B3511972661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DF69578B-EE38-4362-98ED-C6E57CCE0D4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2804E1B8-3FAC-4A2B-B4E3-05FEEE6EF4C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51898237-2680-4E2C-A0B0-6D4A3D70FE3B}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{FD622B8D-728F-4EA8-B985-8BEA5F6F4E49}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6FBFC44D-53A6-48C7-9273-A8944C5960E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{2EDB23A8-30E1-431D-B323-AED07DD0A273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1F384DCF-16EC-4C43-BF98-512BF4740D5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{46BA1C88-D8EC-45B6-BE35-83FE48EA5C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4D58504E-0BAC-423F-9B18-EFB06AD6657F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{46CD2CD8-5B0A-467B-BDA4-027588DB02DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0C40983F-0AB3-41A9-8468-EBF5974975CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{08EF928C-C2AB-44CF-9E01-BD0988077B03}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{4AEF111F-6B98-48DB-850D-53422EEB844E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E22EF4C-B998-4318-8762-574D04631EC2}] => (Block) %ProgramFiles%\TeamSpeak 3 Client\ts3client_win64.exe
FirewallRules: [{5222AA72-1D7A-4693-B7B1-674D18335852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{B56660D6-446F-4862-8A3B-332287DF6902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{092834C5-AD37-4F0B-8B3D-FBC6AA774FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{9BB8FAE7-2375-4518-9C6F-C558C67C3CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{13149D2F-96E1-4CD5-A5E0-927928D8A963}] => (Block) %USERPROFILE%\Desktop\Tor Browser\Browser\firefox.exe
FirewallRules: [{297DD556-E9E7-4290-8E42-C04DF04F4475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{64D432DC-CE90-445C-9F9A-50A98E57F6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{058B55BF-C53C-4AF2-9246-53E3D0FEE76C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{A86D820E-1BDC-4A18-9059-8FAAFBE83A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{B1034079-DB64-45D0-BFD3-BF2A41389460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9923AE53-9398-40EB-8A3A-75E51699DAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DA6066D9-65B4-42B7-BAE8-63F79ACD1F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{29F175BC-0902-4EC2-A1FD-411F189F42EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{F7BC919B-983C-4E8E-9C6A-949EC462DE45}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{1EFC927B-F015-4BC9-93B0-BFC28B1D7D63}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{0271708C-CD43-4261-A31B-B8C62DB47864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C1C6486E-85DD-472A-99D6-DDC0DF7C15B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{3C917DBB-0F72-464C-B9F8-E6DA706F84FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{DDB64B8D-F563-4579-A742-95ED72FA8935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{37448111-DE2F-4381-ADA9-A3C3E0FE94CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{6650B79B-5444-4516-9181-D67BEC1F8133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{39BB52BF-5799-4359-9966-001972D2A099}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{FACD69A7-E1AB-456E-B123-1CB0394A1023}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{CDFD58E3-EA29-4455-93A2-5E33F23CC069}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{FD73FD7A-7ADF-4229-AA9D-648046E83090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{BBB45A82-8728-42EF-853F-0D7A628A8EAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{08DD4417-CBC0-4147-AE09-867CEB793A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{B74D0C64-41C0-4484-8582-49D074DD0AEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{16748C60-8A6B-45B5-86F6-38F16737F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9DD8C337-D365-4CF0-AFFB-C4A2D7B09E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C043B48-6B70-4585-BC04-88402EEBDC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FD66B1C9-ACF9-43A6-A1CB-D402D4E121B1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{155C090C-9933-4F3C-8151-A711569DA30A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{0F27AAE6-8B32-4C12-8CF2-50B0AB0F81D4}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{38432C91-9C82-4C56-888C-B425FBC8F2C3}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{C1D7AB77-B398-4A75-B4FE-4DABDB899AF1}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{B2338360-B006-4876-9CB7-0CB0DBEEF69E}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{C30A60F7-8B0A-4733-A506-7C546EAF2724}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{664D32F4-272A-4F04-A7DC-4B93127850DB}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [{3CB58306-E6E1-42B9-A54A-DE9C14C6AC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B5DF0070-13D1-4C98-BAB8-72430B1821A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{E253C01D-20E4-4D4A-BC5C-212021361F87}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{49EB3DC4-487B-4DDE-B452-448324977598}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{0E26DC39-AA1A-4500-87A2-ED5B4D22E708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D53BEEEA-43F3-48E1-A4AF-D1F0CD71EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{959C5A7F-4650-4053-A8B0-87D638BA8F54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D63A9C68-F8B5-47A2-9B95-4879F8415371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{53C5812B-C3B7-4CB1-84C7-4F3FDA8FA81C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C6175968-2326-45AD-A00F-607E73116DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [TCP Query User{D480B061-EEEF-42AF-971B-215F96C61BD0}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{43E0CD6F-D012-48B9-A872-878C21E7A1A5}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E53283B4-9283-4232-B698-060DEE66535B}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7BE66241-3457-43F4-A115-882A0C49251C}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B10BE1A0-7233-4C30-91C2-E0509FDC1176}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{DC052E56-F66F-41E5-96B3-4FAB3CE27F0D}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{B849702B-6943-4A9C-BBB5-89AE278B77E2}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{69831827-B222-4171-BC3B-02D35102C8EC}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{1A960530-0255-4529-B6A2-38E0917F52CA}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EC653305-BA56-400C-B826-7FCEB205BE33}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D153DA44-AED3-4FAA-9315-6D2EF6A729F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{548D119A-4A78-46B7-B551-FEDA664C1088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{60463A6F-5D8D-40AE-AB6F-7CEDF778E310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{5617CE86-9C74-406F-9499-A774F4A163B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{24BBD3EB-E6C2-4DDC-9068-8D25BF7A1D32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{771B3473-B565-4DC3-885F-D6CD9188206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{50DA3916-B928-432C-B67A-B84349C6C46D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{330C87CD-47EA-42DB-8394-FEE2D096EA1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{6E22B5BC-3D25-4D42-84C5-891917FA340B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{8F16713B-7AAC-4830-BD6B-A4788CE7A1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{275D274B-16F8-4150-B82E-7AFE3044FAD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{A2D58140-8FEB-4BBD-8BDB-7588E797DEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{45BB9186-2699-45CD-893B-BB8B497B99BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3ECB58C9-691E-4ED5-8949-A659391D4404}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3BD4008-8F17-4064-85CF-9B433A0BFD8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8456E756-099A-4791-B073-7FA5C0E59B51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{1083B8C8-BA93-4ED9-999F-907AB98F6BD0}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{7B9FE7AE-AF7F-485E-B477-4BE13DCCBFA6}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{14E6410F-0C62-45D2-974E-CAF229AD3A34}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{992FB12E-5132-4BA9-9672-2ED7B6BA9428}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{7F696382-6BD1-4439-9B72-70D42C6FA7DB}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{1EA5DAC5-2AE0-4AFB-AC1D-4352614E92E3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{490E1FF4-50D6-48EB-A25C-6131B40C2FCD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1D4AFD8B-1441-4F08-B70D-38F34DEA94B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{2D26D25F-83CF-4ABF-86E9-3BB04347ECE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{384CA9E3-4DBE-4AD0-8639-143B377827E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{D0488983-66B6-4052-8FD5-885078CE26DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{73F7A57C-62BE-4569-BDEF-D4B5E46E60C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{92E7FB37-47B0-4C9C-8583-CC434B80C6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{7DA7C2AA-14FE-4E89-930B-F906B8E2C1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{EC3B2F4E-2379-4A33-B9AC-68CB7D30A0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{D0364108-4134-4818-AD56-EB33BFECBF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{ABF69EF0-EA0F-48F9-95E3-CA5FD2BCF4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{12EBA18D-8AF1-495F-83B0-E1072534BC3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{CF5BFCA0-4ED9-42D4-AE16-5D4A6BE2A046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{07064308-7E0B-41DD-AB98-C950E310A56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{DECFF5AE-B59B-48DE-8613-5BC637392645}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{37C5E968-1654-4C8E-935F-2002AA2245F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{83DC5781-9982-4BEA-B624-0DF580E58F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{031FCDBF-22BE-4297-B1C3-AADA265DD723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{C466B301-2373-43C3-9F4C-AD41D5AA2C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{5A647387-1AB8-4065-83FD-86DE2D39C366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{89F930C7-3F59-447A-A61C-F1D2550372E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F9DADF7D-D962-4B4D-8FA2-F3FAE02FCD7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{35B3915F-333E-4210-8A38-C4751C09081A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{8566A02C-FDA3-4DF9-BFE6-1E40FE8F1316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{4E26DFBA-5D32-44C7-9503-908DFB9B2452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{C18243DE-0AD3-44F0-BCBD-B80D4B9EDFDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{983BBAE4-F68D-4BA5-9F8B-8CE8C1812CF5}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{BB650065-1A41-4BC7-9A34-AEF38B6606BF}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{91073044-DCE5-4622-94C9-879C23F017C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{3F50690D-B5D0-47A1-87F0-DE5F9D958D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{FC7A729A-4D3F-4172-9FBC-169726F4B1F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{745B987A-736A-4076-B434-F10404F0E4C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B6C5C0F6-EEBF-41B3-97FE-2EE05006020F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{A860739D-2D99-4BA3-BA4B-E5DBD8544850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{08EAD17A-C8F1-4798-A830-8E96DED99B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{A2034420-0281-43F9-A373-E20EA192FE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{3F2B3038-57C9-4C89-B394-CBAC2D7709BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B1A3DE32-7C31-48DA-85F3-E1153DE3E4FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{A412A5A9-FE31-4045-8598-450A4325A235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{F0193371-06B8-439D-B2AA-58D14957F260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{3112B373-708E-4763-9F4C-4D7422967D24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{8E4B95C5-455D-4A89-8EA6-FD285B99AAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe
FirewallRules: [{5C94A499-E44D-4961-BB6D-F53EE7A611AA}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{E64FAC19-35FF-4FB6-8F40-EBB3CECFA021}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe
FirewallRules: [{C1672358-8461-4805-98F2-9B47F3D3EEDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe
FirewallRules: [{5B5B245A-374E-4BC9-842D-3829224875E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe
FirewallRules: [TCP Query User{0CD3041E-3DDF-4082-A029-032908831161}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe
FirewallRules: [UDP Query User{75178641-3017-4414-89F6-0E84755E082D}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe
FirewallRules: [TCP Query User{98EDC6B9-9EB7-4501-91A7-C6EDEAB94CDA}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [UDP Query User{A1E979F8-9097-4AF7-9459-2745D215331C}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe
FirewallRules: [{D15278CA-DD5B-44F8-8F7C-417279107A0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{F5B10DF9-9E2B-4BD5-81E3-F5E363FA0F35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{6DC1F1E3-40D0-40BA-B83E-19A0C04582FB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{90FFB6C1-7126-4290-ACCD-C6E8343AE034}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [TCP Query User{C62204E2-9099-4D79-B9F9-E3DF89B59840}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe
FirewallRules: [UDP Query User{0E9975A0-C91F-499D-9649-8F1F5FB767CB}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe
FirewallRules: [{426A4A15-26C8-4B35-B493-166ED8E4BA53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{67D0D46A-7DCF-42CD-A98F-CFBEAA151E2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{866B115F-E66B-4337-9E59-795F7F879025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{A82EC7E6-7F53-4ECE-AE00-67E4F3E93679}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [TCP Query User{06B197DA-27F1-4DBE-AA3E-2A5467988AD8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{DFFD2C83-1261-4E38-93BB-7BD961EB25FE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{2755F3AD-8713-47E9-8BED-16F68E1D9E8D}] => (Allow) C:\Users\Philip\Desktop\Nox\Nox\bin\Nox.exe
FirewallRules: [TCP Query User{13487E11-94CA-474E-9DBE-325B2E0B7ED4}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{DC589DCA-5085-4450-9E40-5EE7AE571125}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3B22D71D-6120-487A-BE78-2AED19395886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{C75FC7E7-B01F-49F2-8EAB-A422AA918652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D4CC247C-F13A-4A99-BECA-6957B4CC9DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{6480F938-5D6F-4D3B-9D20-FE23D914DF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2D4E94A4-6A57-4294-8812-F43626BCC733}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BE0F92E8-52D2-425F-B4DF-8FDE7E9C4250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B2B7E2E3-4656-4616-A75A-E259214BF05D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B4AE2C42-C816-42D8-93A1-B8DEE2A9FEC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{C200283D-D233-49C4-A1B4-0846B3A05FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe
FirewallRules: [{32BBEFF2-C75D-4132-8321-0C9B360A49FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe
FirewallRules: [{14FE985E-C4C7-4CCA-9A19-8AF96EEAC3E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe

==================== Wiederherstellungspunkte =========================

18-09-2016 16:26:29 Malwarebytes Anti-Rootkit Restore Point
20-09-2016 11:37:45 JRT Pre-Junkware Removal
20-09-2016 11:41:27 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/20/2016 11:37:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/20/2016 11:35:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/19/2016 04:37:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/19/2016 04:35:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2016 06:03:11 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2016 06:03:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/18/2016 04:41:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/18/2016 04:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/18/2016 04:29:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/14/2016 10:44:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe".
Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (09/20/2016 11:38:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/20/2016 11:36:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/19/2016 04:37:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/18/2016 06:03:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (09/18/2016 06:01:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RzSurroundVADStreamingService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "RemoteMouseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8143.27 MB
Verfügbarer physikalischer RAM: 6057.48 MB
Summe virtueller Speicher: 16284.71 MB
Verfügbarer virtueller Speicher: 14006.05 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1862.79 GB) (Free:1031.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 20.09.2016, 13:21   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2016, 13:58   #11
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von Philip (20-09-2016 13:50:54) Run:1
Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs
Geladene Profile: Philip (Verfügbare Profile: Philip)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
emptytemp:
         
*****************


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10149569 B
Java, Flash, Steam htmlcache => 410209250 B
Windows/system/drivers => 3559019 B
Edge => 0 B
Chrome => 740465979 B
Firefox => 377241961 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83620 B
systemprofile32 => 548034 B
LocalService => 66228 B
NetworkService => 66228 B
Philip => 48577552 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:51:01 ====
         

Alt 20.09.2016, 14:02   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2016, 18:52   #13
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



mbam

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 20.09.2016
Suchlaufzeit: 14:11
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.20.05
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Philip

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303069
Abgelaufene Zeit: 6 Min., 33 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ESET

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# end=init
# utc_time=2016-09-20 12:36:49
# local_time=2016-09-20 02:36:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 30811
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# end=updated
# utc_time=2016-09-20 12:40:41
# local_time=2016-09-20 02:40:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# engine=30811
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-20 02:48:15
# local_time=2016-09-20 04:48:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18392 226012745 0 0
# scanned=593242
# found=0
# cleaned=0
# scan_time=7653
         
Security Check

Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 23.0.0.162  
 Mozilla Firefox (48.0.2) 
 Google Chrome (53.0.2785.101) 
 Google Chrome (53.0.2785.116) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 20.09.2016, 21:09   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Zitat:
Adobe Flash Player 23.0.0.162
Wenn möglich deinstallieren

Flash Player: Was Adobe mit seinem Flash Player veranstaltet, ist irgendwo zwischen Frechheit und Inkompetenz einzustufen; in dem Teil werden ständig neue dicke Sicherheitslücken gefunden - für YT reicht meistens HTML5 aus, das ist der Standardplayer wenn der Flash Player inaktiv oder nicht installiert ist; für spezielle Browsergames kann es aber sein, dass du den Flash Player brauchst. Nutze Flash so sparsam wie möglich und wenn dann immer aktuell halten!!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 20.09.2016, 21:37   #15
Phlipsi
 
Win7, Pop-up Probleme bei Chrome - Standard

Win7, Pop-up Probleme bei Chrome



Deinstalliert.

Antwort

Themen zu Win7, Pop-up Probleme bei Chrome
adobe, antivirus, avira, defender, desktop, euro, explorer, firefox, flash player, google, helper, homepage, mozilla, netstat, neustart, problem gelöst, prozesse, registry, scan, secur, services.exe, software, svchost.exe, system, udp, uplay, windows



Ähnliche Themen: Win7, Pop-up Probleme bei Chrome


  1. Win7- Avast meldet mir Chrome als Bedrohung
    Plagegeister aller Art und deren Bekämpfung - 27.01.2016 (12)
  2. Win7, Google Chrome, Einblendungen ähnlich Bundestrojaner
    Log-Analyse und Auswertung - 11.11.2015 (9)
  3. Win7 Chrome Secure Preferences?
    Log-Analyse und Auswertung - 16.08.2015 (10)
  4. Win7 (64): Chrome stürzt ab und installiert Werbe-Erweiterungen
    Log-Analyse und Auswertung - 22.02.2015 (13)
  5. WIN7: Google Suchergebnisse auf Chrome manipuliert
    Log-Analyse und Auswertung - 22.02.2015 (6)
  6. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  7. Win7: Chrome öffnet selbstständig Werbe-Tabs
    Log-Analyse und Auswertung - 10.12.2014 (21)
  8. Win7: Adware in Google Chrome
    Plagegeister aller Art und deren Bekämpfung - 20.07.2014 (4)
  9. WIN7 - Chrome startet immer mit websearches Seite
    Log-Analyse und Auswertung - 13.06.2014 (16)
  10. win7: google chrome öffnet automatisch tabs mit werbung
    Log-Analyse und Auswertung - 04.06.2014 (19)
  11. win7: google chrome öffnet automatisch tabs mit werbung, danke an M-K- D-B!
    Lob, Kritik und Wünsche - 04.06.2014 (0)
  12. Doppelt grün unterstrichene Wörter (Win7 Google Chrome)
    Log-Analyse und Auswertung - 01.04.2014 (5)
  13. Win7 - Secure Banking in Sekundentakt bei Chrome & Bluescreen
    Plagegeister aller Art und deren Bekämpfung - 19.02.2014 (19)
  14. JS:Trojan.Clicker.NBP (B) im Chrome Cache unter WIN7
    Log-Analyse und Auswertung - 21.12.2013 (15)
  15. do-search lässt sich aus chrome unter win7 x64 nicht löschen
    Log-Analyse und Auswertung - 15.11.2013 (1)
  16. Win7 - Unerwünschte Chrome AddOn's nicht entfernbar [CortonExt u. Applon]
    Plagegeister aller Art und deren Bekämpfung - 08.09.2013 (2)
  17. Click Compare Trojaner - Laptop (Win7 / Google Chrome)
    Plagegeister aller Art und deren Bekämpfung - 30.05.2013 (11)

Zum Thema Win7, Pop-up Probleme bei Chrome - Seit einiger Zeit passiert es, dass Weiterleitungen auf Websites nicht hervorgehoben werden und es öffnen sich Pop-ups im neuen Tab, egal wo ich klicke. Nach Schließung der neu geöffneten Tabs - Win7, Pop-up Probleme bei Chrome...
Archiv
Du betrachtest: Win7, Pop-up Probleme bei Chrome auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.