
Log analysis and evaluation: Backdoor "BDS/Cycbotcfg" found in Firefox cache

06.10.2016, 07:43   #1
Esdeh

Hello everyone,

Unfortunately, I got a notification from Avira today out of the blue. A backdoor malware of the type BDS/Cycbotcfg.A.1744 was found in the Firefox cache. A quick search showed that this is a threat to be taken very seriously, so I guess I need your help.

Avira has of course moved the affected file to quarantine, but I am now naturally unsure whether the malware has already dug itself in deeper. I have created the required log files and also ran a scan with Malwarebytes.

If it turns out that reinstalling Windows is the safest and fastest solution, I can live with that, as I would use the opportunity to upgrade from Windows 7 to Windows 10 (I already have a license). In that case, though, I would need to know exactly how to make sure that no traces remain on my hard drive.

Many thanks in advance!


(Log files zipped as an attachment because they are too long)
Attached files
File type: zip Logfiles_Esdeh.zip (49.5 KB, viewed 5 times)

06.10.2016, 11:30   #2
deeprybka
/// TB trainer
/// Instructions guru

My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only scans that I have asked you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread inside code tags.
  • Keep in mind that we all work here in our free time; if you don't hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest route, but it is only advisable for real malware.
We can remove adware and the like very well.
If you decide on a cleanup, keep working with me until you get my "clean".


Here we go:

Please split the logs across several posts.

06.10.2016, 13:34   #3
Esdeh

Avira log:

Code:
05.10.2016, 23:25:02 [Echtzeit-Scanner] Malware gefunden
	Muster 'BDS/Cycbotcfg.A.1744 [backdoor]'
	in Datei 'C:\Users\*****\AppData\Local\Mozilla\Firefox\Profiles\dsx1enfl.default\cache2\entries\23D48E248CE42D4482067C88ED10C561EA633A37 gefunden.
	Durchgeführte Aktion: Datei in Quarantäne verschieben


	
	

Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 6. Oktober 2016  07:31


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : Admin
Computername   : ***********

Versionsinformationen:
build.dat      : 15.0.20.59     91997 Bytes  25.08.2016 16:12:00
AVSCAN.EXE     : 15.0.20.59   1272416 Bytes  11.09.2016 22:39:30
AVSCANRC.DLL   : 15.0.20.47     66256 Bytes  11.09.2016 22:39:30
LUKE.DLL       : 15.0.20.47     70376 Bytes  11.09.2016 22:39:36
AVSCPLR.DLL    : 15.0.20.59    134272 Bytes  11.09.2016 22:39:31
REPAIR.DLL     : 15.0.20.58    686352 Bytes  11.09.2016 22:39:30
repair.rdf     : 1.0.20.56    1783604 Bytes  04.10.2016 17:16:34
AVREG.DLL      : 15.0.20.47    352656 Bytes  11.09.2016 22:39:30
avlode.dll     : 15.0.20.55    735304 Bytes  11.09.2016 22:39:29
avlode.rdf     : 14.0.5.44     101841 Bytes  01.08.2016 02:36:50
LOCAL001.VDF   : 8.12.122.176 178218496 Bytes  05.10.2016 23:36:36
Engineversion  : 8.3.40.202
AEBB.DLL       : 8.1.3.0        59296 Bytes  19.11.2015 13:51:00
AECORE.DLL     : 8.3.12.4      247720 Bytes  21.03.2016 11:57:35
AECRYPTO.DLL   : 8.2.0.2       128936 Bytes  15.05.2016 21:16:04
AEDROID.DLL    : 8.4.3.380    2726768 Bytes  27.09.2016 11:47:07
AEEMU.DLL      : 8.1.3.8       404328 Bytes  18.03.2016 13:00:40
AEEXP.DLL      : 8.4.2.202     309160 Bytes  05.08.2016 15:17:00
AEGEN.DLL      : 8.1.8.198     595880 Bytes  04.10.2016 17:16:34
AEHELP.DLL     : 8.3.2.10      284584 Bytes  15.02.2016 18:08:15
AEHEUR.DLL     : 8.1.4.2512  10565544 Bytes  30.09.2016 13:09:33
AELIBINF.DLL   : 8.2.1.4        68464 Bytes  15.05.2016 21:16:04
AEMOBILE.DLL   : 8.1.15.0      338800 Bytes  17.08.2016 14:35:54
AEOFFICE.DLL   : 8.3.6.28      518056 Bytes  05.10.2016 17:36:22
AEPACK.DLL     : 8.4.2.22      805744 Bytes  22.08.2016 12:33:48
AERDL.DLL      : 8.2.1.46      812960 Bytes  18.08.2016 14:33:30
AESBX.DLL      : 8.2.22.4     1633128 Bytes  20.06.2016 15:32:24
AESCN.DLL      : 8.3.4.6       141216 Bytes  04.05.2016 13:39:35
AESCRIPT.DLL   : 8.3.0.268     698280 Bytes  05.10.2016 17:36:22
AEVDF.DLL      : 8.3.3.4       142184 Bytes  21.03.2016 11:57:35
AVWINLL.DLL    : 15.0.20.47     27680 Bytes  11.09.2016 22:39:28
AVPREF.DLL     : 15.0.20.47     53944 Bytes  11.09.2016 22:39:30
AVREP.DLL      : 15.0.20.47    223400 Bytes  11.09.2016 22:39:30
AVARKT.DLL     : 15.0.20.47    229032 Bytes  11.09.2016 22:39:29
SQLITE3.DLL    : 15.0.20.47    459752 Bytes  11.09.2016 22:39:37
AVSMTP.DLL     : 15.0.20.47     81712 Bytes  11.09.2016 22:39:31
NETNT.DLL      : 15.0.20.47     16880 Bytes  11.09.2016 22:39:36
CommonImageRc.dll: 15.0.20.47   4307808 Bytes  11.09.2016 22:39:28
CommonTextRc.dll: 15.0.20.47     71400 Bytes  11.09.2016 22:39:28

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Auszulassende Dateien.................: 

Beginn des Suchlaufs: Donnerstag, 6. Oktober 2016  07:31

Der Suchlauf über die Bootsektoren wird begonnen:

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '133' Modul(e) wurden durchsucht
Durchsuche Prozess 'mysqld.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NIHardwareService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '230' Modul(e) wurden durchsucht
Durchsuche Prozess 'LCore.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'AmazonMP3DownloaderHelper.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '171' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM64.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '198' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'ContentTransferWMDetector.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanionInfo.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyCrashService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '149' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Last.fm Scrobbler.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SDUpdate.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrueCrypt.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '181' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '141' Modul(e) wurden durchsucht
Durchsuche Prozess 'FRST64.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '181' Modul(e) wurden durchsucht
Durchsuche Prozess 'prevhost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad++.exe' - '129' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Datei wurde im Zwischenspeicher in 'C:\Windows\SysWow64\MatroskaDX.ax' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = 439DD90BA746175DCE7CF3E50393CB79D340DD1B6031E9361CAFA0A4844CB658
Die Datei wurde im Zwischenspeicher in 'E:\Spiele\IndustrieGigant2\UNWISE.EXE' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = F1B7A623B1C9CBA5A48D331DCD5742D471C8FFCE17689C62D73C023A696CD6E6
Die Registry wurde durchsucht ( '6211' Dateien ).



Ende des Suchlaufs: Donnerstag, 6. Oktober 2016  07:32
Benötigte Zeit: 00:35 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   7429 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   7429 Dateien ohne Befall
    118 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise
         
Malwarebytes log:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.10.2016
Suchlaufzeit: 23:58
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.10.05.11
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauftyp: Benutzerdefinierter Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 2016379
Abgelaufene Zeit: 4 Std., 14 Min., 2 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 5
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\System32\SearchProtect, In Quarantäne, [7e21692c4c4e69cddf7b5b693cc68f71], 
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\System32\SearchProtect\SearchProtect, In Quarantäne, [7e21692c4c4e69cddf7b5b693cc68f71], 
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\System32\SearchProtect\SearchProtect\Logs, In Quarantäne, [7e21692c4c4e69cddf7b5b693cc68f71], 
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect, In Quarantäne, [2679e9ac7e1ce353be9c754f7d85bf41], 
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect\Logs, In Quarantäne, [2679e9ac7e1ce353be9c754f7d85bf41], 

Dateien: 3
Adware.Vomba, F:\Setups\Spiele\BATTLEFIELD 1942\daemon410-x86  Install It After Copying The 2 Folders And Deviance Shadow.exe, In Quarantäne, [8b14d4c1c6d4d75f4eb8295462a2cd33], 
PUP.Optional.APNToolBar, C:\Users\*****\Downloads\SFInstaller_SFFZ_filezilla_8992693_.exe, In Quarantäne, [e9b60c89752564d24a75b9709c652fd1], 
PUP.Optional.ChipDigital, C:\Users\*****\Downloads\TreeSize Free - CHIP-Installer.exe, In Quarantäne, [950aa5f02f6b9a9ce54559f50ef62cd4], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST Log:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von ***** (ACHTUNG: der Benutzer ist kein Administrator) auf STV-DESKTOP (05-10-2016 23:56:53)
Gestartet von F:\Downloads_Temp
Geladene Profile: ***** & Admin (Verfügbare Profile: ***** & Admin & nx)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> lsm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> sched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> avguard.exe
konnte nicht auf den Prozess zugreifen -> mysqld.exe
konnte nicht auf den Prozess zugreifen -> NIHardwareService.exe
konnte nicht auf den Prozess zugreifen -> PnkBstrA.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE
konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe
konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE
konnte nicht auf den Prozess zugreifen -> avshadow.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> taskeng.exe
konnte nicht auf den Prozess zugreifen -> SDUpdate.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [423200 2008-07-11] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [SandboxieControl] => "C:\Program Files\Sandboxie\SbieCtrl.exe"
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-14] (AMD)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Discord] => C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {5b8ed942-f05d-11e4-beac-94de8021e984} - I:\Startme.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {cbd273f9-584d-11e6-8278-94de8021e984} - K:\Lenovo_Suite.exe
Lsa: [Authentication Packages] msv1_0 nxlsa
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt.65536.dll [2016-09-30] (Dropbox, Inc.)
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{721F4271-35C9-40A5-B9ED-398DE2D809A9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E65348D7-0263-4F99-A662-1B18C086C5BB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
URLSearchHook: [S-1-5-21-2919925435-3243357412-1734966863-1003] ACHTUNG => Standard URLSearchHook fehlt
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-12] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-12] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default [2016-10-05]
FF NetworkProxy: Mozilla\Firefox\Profiles\dsx1enfl.default -> socks_remote_dns", true
FF NetworkProxy: Mozilla\Firefox\Profiles\dsx1enfl.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\abs@avira.com [2016-10-05]
FF Extension: (FoxyProxy Standard) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\foxyproxy@eric.h.jung [2016-09-12]
FF Extension: (FireShot) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-08-31]
FF Extension: (NoScript) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-09]
FF Extension: (Video DownloadHelper) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-18]
FF Extension: (Adblock Plus) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\dsx1enfl.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-20] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-31] ()
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\*****\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\pdf.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Unity Player) - C:\Users\*****\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default [2016-10-05]
CHR Extension: (Signal Private Messenger) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bikioccmkafdpakkkcpdbppfkghcmihk [2016-10-05]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avira Browserschutz) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-12] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-24] () [Datei ist nicht signiert]
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [227104 2016-08-10] (EasyAntiCheat Ltd)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39209984 2015-11-30] () [Datei ist nicht signiert]
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S4 nxdeviced; C:\Program Files (x86)\NoMachine\bin\nxdeviced64.exe [861360 2014-04-17] (NoMachine)
S4 nxdisplay; C:\Program Files (x86)\NoMachine\bin\nxdisplay.exe [221872 2014-04-17] (NoMachine)
S4 nxfsd; C:\Program Files (x86)\NoMachine\bin\nxfsd.exe [181936 2014-04-17] (NoMachine)
S4 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice.exe [204464 2014-04-17] (NoMachine)
S4 nxusbd; C:\Program Files (x86)\NoMachine\bin\nxusbd64.exe [1248944 2014-04-17] (NoMachine)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-31] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) [Datei ist nicht signiert]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-08-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-08-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-19] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-02] (Sony Mobile Communications)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-08-29] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-10-05] (Malwarebytes)
R3 nxaudio; C:\Windows\System32\drivers\nxaudio.sys [17920 2013-08-29] (NoMachine)
R3 nxdm; C:\Windows\System32\DRIVERS\nxdm.sys [29696 2012-12-11] (NoMachine Sarl)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [57008 2014-02-24] (NoMachine)
R2 nxusbf; C:\Program Files (x86)\NoMachine\bin\drivers\nxusb\NT6\amd64\nxusbf.sys [87216 2014-01-24] (NoMachine)
R3 nxusbh; C:\Windows\System32\DRIVERS\nxusbh.sys [68096 2013-11-12] (NoMachine)
R3 nxusbs; C:\Windows\System32\DRIVERS\nxusbs.sys [10240 2013-11-04] (NoMachine)
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\System32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-05 23:56 - 2016-10-05 23:56 - 00000000 ____D C:\FRST
2016-10-05 23:52 - 2016-10-05 23:52 - 00001124 _____ C:\Users\*****\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-05 23:47 - 2016-10-05 23:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-05 21:55 - 2016-10-05 21:55 - 00079570 _____ C:\Users\*****\Desktop\Splines.pdf
2016-09-30 23:54 - 2016-09-30 23:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\Program Files (x86)\SourceTree
2016-09-28 13:54 - 2016-10-02 23:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-28 13:54 - 2016-09-28 13:54 - 00000000 ____D C:\Users\*****\AppData\Local\MonoDevelop-Unity-5.0
2016-09-28 13:45 - 2016-10-03 15:31 - 00000000 ____D C:\Users\*****\AppData\LocalLow\DefaultCompany
2016-09-27 23:24 - 2016-09-27 23:25 - 128365670 _____ C:\Users\*****\Downloads\Carbon Based Lifeforms - The Path.zip
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Local\MonoDevelop-Unity-5.0
2016-09-27 17:53 - 2016-09-27 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-09-27 17:49 - 2016-09-27 17:49 - 00000883 _____ C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.1f1 (64-bit)
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2016-09-26 16:40 - 2016-09-26 16:40 - 00001322 _____ C:\Users\*****\Desktop\RocketLeagueTrainer.exe - Verknüpfung.lnk
2016-09-23 13:35 - 2016-09-23 13:35 - 00000000 __HDC C:\ProgramData\{2FBE3374-BA89-48C3-B5F4-877C1D7D624D}
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\Users\*****\Documents\KONAMI
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\ProgramData\KONAMI
2016-09-21 14:00 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 14:00 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 13:39 - 2016-09-20 13:39 - 00000168 _____ C:\Users\*****\.gitconfig
2016-09-18 19:29 - 2016-09-18 19:29 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-16 22:00 - 2016-09-22 17:01 - 00000000 ____D C:\Windows\rescache
2016-09-16 21:32 - 2016-09-26 17:05 - 00000000 ____D C:\Users\*****\Documents\Project CARS
2016-09-16 21:32 - 2016-09-16 21:32 - 00000000 ____D C:\Users\*****\Documents\wmd_symbol_cache
2016-09-15 00:58 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-15 00:58 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-15 00:58 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-15 00:58 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 00:58 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-15 00:58 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 00:58 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-15 00:58 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-15 00:58 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-15 00:58 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-15 00:58 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-15 00:58 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-15 00:58 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-15 00:58 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-15 00:58 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-15 00:58 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-15 00:58 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-15 00:58 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-15 00:58 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-15 00:58 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-15 00:58 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-15 00:58 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-15 00:58 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-15 00:58 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-15 00:58 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-15 00:58 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-15 00:58 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-15 00:58 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-15 00:58 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-15 00:58 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-15 00:58 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-15 00:58 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-15 00:58 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-15 00:58 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-15 00:58 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-15 00:58 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-15 00:58 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-15 00:58 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-15 00:58 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-15 00:58 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-15 00:58 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-15 00:58 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-15 00:58 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-13 00:09 - 2016-09-13 00:09 - 00000000 ____D C:\Users\Admin\AppData\Local\Native Instruments

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-05 23:42 - 2013-04-19 20:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2016-10-05 23:33 - 2016-05-21 11:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-05 23:33 - 2013-04-13 20:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-05 23:28 - 2013-06-20 01:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-05 23:06 - 2015-06-17 07:55 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-05 22:02 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\MediaMonkey
2016-10-05 20:19 - 2013-04-21 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Last.fm
2016-10-05 19:34 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-05 19:34 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-05 19:32 - 2014-11-06 18:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2016-10-05 19:27 - 2014-11-06 18:23 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2016-10-05 19:27 - 2013-04-13 20:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-05 19:26 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-05 19:26 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-04 19:34 - 2013-04-13 20:37 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 19:11 - 2014-06-18 00:44 - 00000000 ____D C:\ProgramData\Unity
2016-10-02 17:13 - 2013-11-26 15:05 - 00000000 ____D C:\Users\Admin
2016-10-02 16:16 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****\AppData\Local\VirtualStore
2016-09-30 23:54 - 2015-06-17 07:55 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox
2016-09-30 23:54 - 2013-04-29 11:18 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2016-09-30 15:50 - 2013-11-14 23:32 - 00000000 ____D C:\Users\*****\Documents\Telltale Games
2016-09-28 18:53 - 2016-02-26 21:24 - 00000000 ____D C:\ProgramData\Atlassian
2016-09-28 13:53 - 2015-10-26 11:44 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2015
2016-09-28 13:45 - 2013-04-30 00:55 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Unity
2016-09-28 13:44 - 2014-06-18 00:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Unity
2016-09-27 18:07 - 2015-05-02 01:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Unity
2016-09-27 17:53 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 17:49 - 2015-04-29 19:55 - 00000000 ____D C:\Program Files\Unity
2016-09-27 13:36 - 2015-01-18 03:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-27 13:36 - 2013-04-13 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 16:40 - 2016-08-29 16:28 - 00000000 ____D C:\Tools
2016-09-23 17:06 - 2011-04-12 09:43 - 00701778 _____ C:\Windows\system32\perfh007.dat
2016-09-23 17:06 - 2011-04-12 09:43 - 00150388 _____ C:\Windows\system32\perfc007.dat
2016-09-23 17:06 - 2009-07-14 07:13 - 01622158 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-23 17:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-23 17:01 - 2015-11-25 01:39 - 00000000 ____D C:\Users\*****\Desktop\Recording_part
2016-09-23 13:35 - 2016-08-30 18:01 - 00001014 _____ C:\Users\Public\Desktop\Kontakt 5.lnk
2016-09-23 11:06 - 2015-06-17 07:55 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job
2016-09-20 16:47 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2016-09-20 14:06 - 2013-04-13 21:27 - 00000000 ____D C:\Spiele
2016-09-20 13:39 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****
2016-09-20 13:24 - 2016-01-09 22:54 - 00000000 ____D C:\Users\*****\Desktop\Temp
2016-09-20 10:52 - 2013-04-14 22:17 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2016-09-20 10:52 - 2013-04-13 21:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-20 10:52 - 2013-04-13 21:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-20 10:51 - 2014-01-18 19:24 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-09-18 19:29 - 2013-04-20 12:37 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-18 19:29 - 2013-04-13 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-15 20:44 - 2015-10-14 22:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-15 20:44 - 2013-04-13 21:22 - 00000000 ____D C:\ProgramData\Skype
2016-09-15 11:45 - 2009-07-14 06:45 - 00288544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 01:15 - 2013-08-07 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 01:15 - 2013-04-17 21:59 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 00:09 - 2015-06-21 23:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HOFA
2016-09-13 00:09 - 2015-03-15 17:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steinberg

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-08-30 16:42 - 2013-08-11 01:35 - 0012005 _____ () C:\Users\*****\AppData\Roaming\alsoft.ini
2015-10-12 19:17 - 2015-11-10 00:33 - 0000455 _____ () C:\Users\*****\AppData\Roaming\Safer-Networking.log
2015-01-13 20:55 - 2015-01-13 20:55 - 0003584 _____ () C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-05 11:48 - 2016-08-30 01:17 - 0000600 _____ () C:\Users\*****\AppData\Local\PUTTY.RND
2015-10-08 01:16 - 2015-10-08 01:16 - 0000218 _____ () C:\Users\*****\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5lcyn1.dll
C:\Users\*****\AppData\Local\Temp\i4jdel0.exe
C:\Users\*****\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\*****\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\*****\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\*****\AppData\Local\Temp\sfamcc00001.dll
C:\Users\*****\AppData\Local\Temp\SIntf16.dll
C:\Users\*****\AppData\Local\Temp\SIntf32.dll
C:\Users\*****\AppData\Local\Temp\SIntfNT.dll
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-017471a8-1214-486f-9b4a-6e529bb5ee14-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-01cd0e59-8904-4451-8229-c98a886174a4-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-39c97557-0fcd-4524-a96e-83a449cc35ee-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-57b36b20-ffe8-468e-ad7f-8f3b4952b002-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5895c0e3-5d25-47b1-8cb6-5d5b7b789a4a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5aef941f-7615-4b58-99d1-5afa8b23370d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-640ebc9d-babc-41ea-bcc3-9425a8eca9ba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-7fdf69e2-65b8-4d50-9486-2bebc9f75b5c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-887e3172-c01b-4465-8b9c-8743ca07f224-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-9dcd7c7e-f044-49ab-8fe4-4c6436ea0b35-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adb19df7-9df5-40a1-a0b4-774d1e938e6c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adccf870-0580-4add-90d9-00f757647648-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-b91bc444-4e38-46d5-8519-d7d5bc30747a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c1d8f87b-c58b-43ce-a09b-635fd8761cba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c6605e17-6f6a-40a6-8eea-1ec2e775c9b3-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-cdefe8e8-c740-49c3-907b-d9d423f7526e-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-d44f120d-82e1-45fc-9306-1c0b28cf306d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-e695e562-a52c-4c87-8b36-b1e43b16bd71-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\*****\AppData\Local\Temp\war3_Install.exe
C:\Users\*****\AppData\Local\Temp\_is7B47.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         

06.10.2016, 13:35   #4
Esdeh
 

Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-10-2016
durchgeführt von ***** (05-10-2016 23:57:21)
Gestartet von F:\Downloads_Temp
Windows 7 Professional Service Pack 1 (X64) (2013-04-13 16:07:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-2919925435-3243357412-1734966863-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2919925435-3243357412-1734966863-500 - Administrator - Disabled)
Gast (S-1-5-21-2919925435-3243357412-1734966863-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2919925435-3243357412-1734966863-1002 - Limited - Enabled)
nx (S-1-5-21-2919925435-3243357412-1734966863-1004 - Administrator - Enabled) => C:\Users\nx
***** (S-1-5-21-2919925435-3243357412-1734966863-1000 - Limited - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AdiIRC (HKLM-x32\...\AdiIRC) (Version: 1.9.1 - Per Amundsen)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version:  - The Chinese Room)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
ANNO 1602 Königs-Edition (HKLM-x32\...\ANNO 1602 Königs-Edition) (Version:  - )
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.1.4.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.1.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Utility (x32 Version: 1.00.0000 - ASUSTek) Hidden
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - Amanita Design)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None)
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Catan - Die erste Insel (HKLM-x32\...\Catan) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - Nicalis)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.0.0.07110 - Sony Corporation)
Contraption Maker (HKLM-x32\...\Steam App 241240) (Version:  - Spotkin)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
DayZ Commander (HKLM-x32\...\{5B75991B-CCBA-4908-ACFF-3FF60A624D5E}) (Version: 0.92.83 - Dotjosh Studios)
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.8.0 - oldsch00l)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
Defense Grid 2 (HKLM\...\Steam App 221540) (Version:  - Hidden Path Entertainment)
Defense Grid: The Awakening (HKLM-x32\...\Steam App 18500) (Version:  - Hidden Path Entertainment)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
DiRT 3 Complete Edition (HKLM-x32\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DmC Devil May Cry (HKLM\...\Steam App 220440) (Version:  - Ninja Theory)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Dropbox) (Version: 11.4.21 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.4.2156 - Steinberg Media Technologies GmbH)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Football Manager 2016 (HKLM\...\Steam App 378120) (Version:  - SPORTS INTERACTIVE)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version:  - Greenheart Games)
GameMaker-Studio 1.4 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Guacamelee! Gold Edition (HKLM\...\Steam App 214770) (Version:  - DrinkBox Studios)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - Crackshell)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HydraVision (x32 Version: 4.2.230.0 - Advanced Micro Devices, Inc.) Hidden
IndustrieGigant 2 (HKLM-x32\...\IndustrieGigant 2) (Version:  - )
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IntelliJ IDEA Community Edition 2016.2.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2016.2.2) (Version: 162.1628.40 - JetBrains s.r.o.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
KDiff3 (remove only) (HKLM-x32\...\KDiff3) (Version:  - )
KeePass Password Safe 1.25 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.25 - Dominik Reichl)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.106.05220 (HKLM-x32\...\{ECAE7E40-24A6-9E8E-EA93-90D080C878B3}) (Version: 2.20.106.05220 - Sony)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{5359C5C6-F83D-4E74-9170-F9A68BE1C57F}) (Version: 2.3.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mp3tag v2.74a (HKLM-x32\...\Mp3tag) (Version: v2.74a - Florian Heidenreich)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
My Game Long Name (HKLM\...\UDK-95e58597-057e-4bfc-99f2-d5d4d4008351) (Version:  - Epic Games, Inc.)
MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation)
MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.7 (HKLM-x32\...\{D0A57743-4C29-47AD-B0DB-237F7391315E}) (Version: 5.7.10 - Oracle Corporation)
MySQL Examples and Samples 5.7 (HKLM-x32\...\{FAA236F0-2B55-4A9F-BC36-BBB8E006DD1C}) (Version: 5.7.10 - Oracle Corporation)
MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM-x32\...\{C914EB85-F0E6-4150-9FA0-99B716A15EAF}) (Version: 1.5.6 - Oracle Corporation)
MySQL for Visual Studio 1.2.5 (HKLM-x32\...\{78D360E3-11E9-4F7A-BBF6-18AEC6BF2C31}) (Version: 1.2.5 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{F5B36509-1BB1-4722-A386-B93B689FB02A}) (Version: 1.4.13.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.7 (HKLM\...\{A0BEAD8A-378A-4E79-8C66-CFFA27A59EFE}) (Version: 5.7.10 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{8E6D8BF8-828A-4F7B-A332-F7CEB8CB75AA}) (Version: 6.3.5 - Oracle Corporation)
Native Instruments Abbey Road 50s Drummer (HKLM-x32\...\Native Instruments Abbey Road 50s Drummer) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.12 - Native Instruments)
Native Instruments Abbey Road 60s Drums (HKLM-x32\...\Native Instruments Abbey Road 60s Drums) (Version:  - Native Instruments)
Native Instruments Abbey Road 70s Drummer (HKLM-x32\...\Native Instruments Abbey Road 70s Drummer) (Version: 1.3.0.8 - Native Instruments)
Native Instruments Abbey Road 80s Drummer (HKLM-x32\...\Native Instruments Abbey Road 80s Drummer) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Abbey Road Modern Drummer (HKLM-x32\...\Native Instruments Abbey Road Modern Drummer) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Abbey Road Vintage Drummer (HKLM-x32\...\Native Instruments Abbey Road Vintage Drummer) (Version: 1.3.0.11 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.1.1628 - Native Instruments)
Native Instruments Action Strikes (HKLM-x32\...\Native Instruments Action Strikes) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: 1.5.0.1 - Native Instruments)
Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.5.254 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Battery Library Importer for Maschine (HKLM-x32\...\Native Instruments Battery Library Importer for Maschine) (Version:  - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.11.0.465 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Damage (HKLM-x32\...\Native Instruments Damage) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Evolve R2 (HKLM-x32\...\Native Instruments Evolve R2) (Version: 1.7.0.3 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.1.1599 - Native Instruments)
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: 1.3.0.15 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.1.0.13 - Native Instruments)
Native Instruments Komplete 10 Ultimate (HKLM-x32\...\Native Instruments Komplete 10 Ultimate) (Version:  - Native Instruments)
Native Instruments Komplete 8 (HKLM-x32\...\Native Instruments Komplete 8) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.6.0.46 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: 1.3.0.19 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version:  - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.4 - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.3.1.45 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.4.1512 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.4 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.4 - Native Instruments)
Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: 1.3.0.6 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Session Horns Pro (HKLM-x32\...\Native Instruments Session Horns Pro) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Native Instruments Supercharger GT (HKLM-x32\...\Native Instruments Supercharger GT) (Version: 1.3.1.45 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.12 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.8 - Native Instruments)
Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Maverick (HKLM-x32\...\Native Instruments The Maverick) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Transient Master (HKLM-x32\...\Native Instruments Transient Master) (Version:  - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version:  - Native Instruments)
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: 1.3.1.45 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version:  - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.6 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.3 - Native Instruments)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NetOn 2.1 (HKLM-x32\...\NetOn 2_is1) (Version:  - Rct-Net.de)
New Star Soccer 5 (HKLM-x32\...\Steam App 212780) (Version:  - )
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NoLimits 2 (remove only) (HKLM\...\NoLimits 2) (Version:  - )
NoMachine (HKLM-x32\...\NoMachine_is1) (Version: 4.2.21 - NoMachine S.a.r.l.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM\...\Steam App 224480) (Version:  - Young Horses)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenRCT2 Launcher (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\50293b21343b05b6) (Version: 1.0.0.26 - OpenRCT2 Launcher)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Personal Backup 5.4 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Authoring Tools - Beta (HKLM-x32\...\Steam App 629) (Version:  - Valve)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Pro Evolution Soccer 2017 Demo (HKLM\...\Steam App 499050) (Version:  - Konami Digital Entertainment)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version:  - EasyGameStation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RISK Factions (HKLM-x32\...\Steam App 47800) (Version:  - Stainless Games)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith 2014 (HKLM\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RTP 2003  (HKLM-x32\...\{19DBA2E8-F9AA-11D7-BCC2-CD62B0FB2277}) (Version: 1.1 - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Scala (HKLM-x32\...\{7606E6DA-E168-42B5-8345-B08BF774CB30}) (Version: 2.11.2.400 - LAMP/EPFL and Typesafe, Inc.)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Simple Build Tool (HKLM-x32\...\{CE07BE71-510D-414A-92D4-DFF47631848A}) (Version: 0.13.6.1 - Typesafe, Inc.)
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
Softwarenetz Haushaltsbuch4 (HKLM-x32\...\Haushaltsbuch4) (Version:  - Softwarenetz)
SOMA (HKLM-x32\...\Steam App 282140) (Version:  - Frictional Games)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SourceTree (HKLM-x32\...\SourceTree 1.9.6.1) (Version: 1.9.6.1 - Atlassian)
SourceTree (x32 Version: 1.9.6.1 - Atlassian) Hidden
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager Development)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version:  - Plastic Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Strawberry Perl (64-bit) (HKLM\...\{61719A5F-6C9C-1014-8F19-DDB236F7176A}) (Version: 5.18.1001 - strawberryperl.com project)
SUPER © v2013.build.59+Recorder (2013/12/18) Version v2013.buil (HKLM-x32\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
SWI-Prolog (remove only) (HKLM\...\SWI-Prolog) (Version:  - )
Table Top Racing: World Tour (HKLM\...\Steam App 450670) (Version:  - Playrise Digital Ltd.)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TeXstudio 2.5.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.5.2 - Benito van der Zander)
The Crew (HKLM\...\Steam App 241560) (Version:  - Ivory Tower in collaboration with Ubisoft Reflections)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - Days of Wonder)
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
To the Moon (HKLM-x32\...\To the Moon) (Version: 1.5 - Freebird Games)
Toki Tori (HKLM-x32\...\Steam App 38700) (Version:  - Two Tribes)
TOU (HKLM-x32\...\TOU) (Version:  - )
TowerFall Ascension (HKLM\...\Steam App 251470) (Version:  - Matt Thorson)
Train Fever (HKLM-x32\...\Steam App 304730) (Version:  - Urban Games)
TreeSize Free V3.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3 - JAM Software)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
Twine 2.0.11 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
Unitex 3.0 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Unitex 3.0_is1) (Version:  - IGM Université Paris Est)
Unity (HKLM-x32\...\Unity) (Version: 5.4.1f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version:  - )
USB Dual Vibration Joystick (HKLM-x32\...\{402BB998-BE76-4A5A-817B-D0C6B47DF0A5}) (Version: 2005.01.20 - )
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
yEd Graph Editor 3.11.1 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.11.1 - yWorks GmbH)
Zenses2 Beta2 (HKLM-x32\...\Zenses2) (Version: 2.0.5b2 - Sixones)
Zoombinis version 1.0 (HKLM-x32\...\Zoombinis_is1) (Version: 1.0 - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => 
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>  <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>  <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_bikioccmkafdpakkkcpdbppfkghcmihk\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk
ShortcutWithArgument: C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Signal Private Messenger.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bikioccmkafdpakkkcpdbppfkghcmihk

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-02-07 05:51 - 2014-12-17 22:23 - 00736962 _____ () C:\Git\git-cheetah\git_shell_ext64.dll
2012-08-05 04:15 - 2012-08-05 04:15 - 00176640 _____ () C:\Program Files\KDiff3\diff_ext_for_kdiff3_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2016-01-11 00:16 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [2816]
AlternateDataStreams: C:\Users\Admin:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2816]
AlternateDataStreams: C:\Users\*****:gs5sys [3074]
AlternateDataStreams: C:\Users\Admin\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local\Verlauf:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys [2816]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2816]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\*****\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Documents\desktop.ini:gs5sys [3074]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-03-02 20:00 - 00000905 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 projektseite.local
127.0.0.1 cora.local
127.0.0.1 b2evo.local

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nxdeviced => 2
MSCONFIG\Services: nxdisplay => 2
MSCONFIG\Services: nxfsd => 2
MSCONFIG\Services: nxservice => 2
MSCONFIG\Services: nxusbd => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: ContentTransferWMDetector.exe => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Spiele\Steam\steam.exe" -silent
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{913EA09F-C6B9-4036-82BC-F4AE773305DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{52D3EFEC-C3BF-4833-B8CE-F835E60605BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{E3812CEE-FCE1-46EA-8D44-1B808866D527}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{C77A2B49-ACD8-4C50-BA2D-BCEB5B8F132F}] => (Allow) C:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{837F1A5E-4F5F-4CC2-9EC9-AAC42F971CB5}] => (Allow) C:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{BC7BC1D0-AE99-48DD-ADAD-54020C24DC37}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [UDP Query User{21CE6A98-B864-4E95-AFF2-1C1942CE8A26}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [{59BDF9C2-1E9C-425F-8E6D-744694337588}] => (Allow) C:\Spiele\Steam\Steam.exe
FirewallRules: [{C2513CDE-8BFF-43F1-8C2F-1F2BEA9504B7}] => (Allow) C:\Spiele\Steam\Steam.exe
FirewallRules: [{A4D88CD0-60A6-4A45-8443-1397A5F5E083}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{93EBC2A9-9C65-4AEE-B434-F5B4BA3CB192}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [TCP Query User{5A1C2DAF-9C5E-48DE-BAF7-98463BFDF095}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{C9BFCCE4-323F-402F-9C7D-ADEFDE185499}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [{D8FD1059-26CF-4745-9A14-C4AD20DFD06B}] => (Allow) C:\Spiele\Steam\SteamApps\common\Portal 2\bin\SDKLauncher.exe
FirewallRules: [{4215ACB6-AC88-4F64-9F39-E3B99A768814}] => (Allow) C:\Spiele\Steam\SteamApps\common\Portal 2\bin\SDKLauncher.exe
FirewallRules: [{3567AFDD-22A0-413A-A552-93A0235FD2DC}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{624FCCA2-091A-4946-BC82-DD5C013F2617}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1A8330FF-83B1-4D2C-9D51-CC01A0E62437}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D59A1CA8-A8D7-4B5B-A918-0714B934B88F}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{27A309AD-B143-4D34-B48C-CE876F26B8F5}E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{C601371B-0CAD-4482-8BD4-0B395E91082D}E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{78F9B3A1-5C2D-490F-9BA4-F2F446FD2AD6}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{CF28949B-DB30-4133-A523-56C4818A670F}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{90B4267E-112F-40C0-B8C0-A49AB69E0CBE}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Block) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{87694C74-AE23-4E4B-9B27-3F51CC03B86A}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Block) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{6B90051D-FF7F-4D46-90C8-C5F8C25C5005}E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe
FirewallRules: [UDP Query User{BFDEA3DC-E70E-4684-A47F-D9660F861C52}E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe
FirewallRules: [TCP Query User{BA0C2C05-A5EF-4780-A1D8-C0ACE8D511E0}E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [UDP Query User{455A2657-F8F4-423E-B312-9D7A3F926525}E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [TCP Query User{F882F4E6-F494-4560-B03D-2F48BD65FE42}E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe
FirewallRules: [UDP Query User{D2DC151B-8A4B-46AC-B8E7-AD9C8C7101C6}E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe
FirewallRules: [TCP Query User{4B1B60C0-BC15-44D9-9F83-E88F6A111512}E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [UDP Query User{3C1D642A-2796-413D-852C-5463A5C9AF89}E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [TCP Query User{1B54DD88-C118-43D1-A0AD-F1ED39141FA7}C:\program files (x86)\hydrairc\hydrairc.exe] => (Allow) C:\program files (x86)\hydrairc\hydrairc.exe
FirewallRules: [UDP Query User{CB66F927-4EA1-4426-95EC-31652F981DD4}C:\program files (x86)\hydrairc\hydrairc.exe] => (Allow) C:\program files (x86)\hydrairc\hydrairc.exe
FirewallRules: [{FAF5183B-115E-4E12-9849-82A1C29F0C8A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{646CE85F-E838-4321-8A2E-EE41DFEBA6E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{9F25B983-F854-4231-AA10-FE17F18FBF72}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{92CB288F-A39E-4B0A-86D4-E95E138E11CC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CE942D33-993C-4057-855B-FA7A545B7E90}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{3AAB6EFD-127B-4FD8-8636-36611EBCD338}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{2CC65AD1-F124-4B1A-8686-8485AE1B35A7}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4A47387B-2D26-4BFC-8189-529DAC152C31}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A142EE0F-F4C5-4F86-B2B6-C130BF42CEF1}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{03EEF162-7678-4CD9-BDB5-832618E73D2A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F7685AD5-74CF-45EF-A272-5C4FE2433642}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{2F8CD9D6-1798-4D6F-9EF9-BBB611973D47}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{3A569029-D481-46D3-8028-5D375EA1B8E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{6F0A9D97-5472-404D-A325-1D1980A803E9}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [TCP Query User{C1BD52CF-6313-4B1B-A886-546E626B619A}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [UDP Query User{6B1EB537-A0C0-494F-B56C-51E9443BD977}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [{4BD346BF-7898-45AA-AE43-38898D7A32B6}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{22E6E482-7267-46D5-8391-51157A2C17B4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{CF7AB021-BE79-40AF-A2ED-F637B15AAB53}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{CF00B8CD-B2C4-4F8D-898C-EDFE90AC5417}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{70BAE63B-A2B7-4010-9049-32ED5BC4B8C2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF27871B-0980-4AD4-B1A3-CF783D2B0846}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{729151E5-445A-4AB6-B961-CF5B3B93E3E6}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87505833-592A-416C-8BB1-641D769C8DB7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F73004CC-D25A-4719-9380-BCD9FFF056DA}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{7BFCADE5-BD70-4874-B6E7-E826838CB08D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [TCP Query User{95DBA6E8-90A9-4C3A-AB4D-3598EE2FAEFD}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{478AF601-49CF-43F2-B3CA-7C75C37BCD6F}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{BA025453-6F4F-43A9-8F18-EFDF65F5FA4C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4A7BFB5B-B99E-4672-A614-A6380906FCA7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8741E88E-6258-4E00-B183-4EEEDD868D7A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CEE0B207-C8A2-4C77-87C5-F28B68E57C74}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D56B4A18-503A-4530-8AEA-A62F2388597D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{62F73F16-5787-45EC-91D6-2FA612AB0C1E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1063AE7-1C02-48D6-A39E-602E95A35B6D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3805D972-BF06-459C-88CB-BF83BBD05B09}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{136751A1-8487-45A7-8018-9ED42C4E56CB}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{54AD0F2C-349C-45AE-99B1-17E9F24BFA14}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{013094E7-E1FA-43B1-A2B2-D742F1B71105}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{C2A861ED-1FA2-48D4-8FF5-A94B52369C83}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{15C48D5A-4610-476A-9057-83FA24D783C4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{D9679C64-F9B7-45A2-981C-90A376D732D8}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{481C13F1-F009-4CAB-AD9E-6BFB3B043E84}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0ABA4838-CC6A-4D4A-A963-A6AE0FFCECF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5A1C1792-6AF7-43D5-9B9E-4FBDB54B6083}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{DBD7E0F1-43EA-4953-A9DE-F0AB0AF2AEE1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{994F9B24-919A-49A6-9BE6-B9543B918B4D}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{DB57BE9B-76B4-4578-82A5-9092D390837C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{AC6C8BCA-0B99-4D98-8E68-2E133B1512AE}E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe] => (Allow) E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe
FirewallRules: [UDP Query User{F9D23EFF-BE73-4FB4-90BF-116641E807A4}E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe] => (Allow) E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe
FirewallRules: [{AA42FEF5-F79C-4663-89B4-1E564B8D91F5}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E33D8219-CC6C-4CFB-A3C0-E789647AB966}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{F56181CE-4733-4862-B374-73D0DFE71874}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{2627938C-A7E0-44F0-9944-61E4B3D6549F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{C7E880B6-F8F5-4E03-ADDB-443A1F08ADAA}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{B013AAB1-BAAE-4C1F-90A9-0D1AAC2794B8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{0534BE8D-8263-48D4-A823-A5895598E90E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{34DA5641-320E-4A15-8365-200BA025CE7C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{8999B39C-FBEF-4876-AC71-1A8806A0E511}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{93AFDD18-2C28-4873-82EE-E91A359D9C6B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{99E07D64-64CC-486B-93F4-CADCDC2D74BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{0E87591F-F032-4E99-8089-C9C1D40D7BD7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6752D8D1-9A32-4AAB-9208-5792FC701BF6}] => (Allow) F:\SteamLibrary\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{69ADA91C-EB59-460E-8E4D-095CD5657BA5}] => (Allow) F:\SteamLibrary\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{39CF318D-3EE5-4794-873A-2E26008B3D91}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{E517F2A4-5F34-4F8D-94DD-A340501C00DD}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{0386E8A1-A43F-4699-B64E-8A3A26BCC3D7}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{C1BA06CF-A93A-41A6-A7BE-247983C6E607}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{8C0DF878-9414-4A6F-A7BE-F45BBDB8941C}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{6A272E32-F202-4F60-8142-DF9F848DD8A3}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{26757D79-F38F-4B25-BA11-017AB7D2C4CC}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{08D4449C-901B-48C6-9462-F7AAB0B1FE90}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{795A9F61-589B-4892-9D9B-2F9072E92212}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{0C857779-42D2-4A47-AFB8-BDE82E61F652}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{D25A4447-81F4-4D8C-8546-795F0242C078}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{7BA6AA77-A1F8-48CD-9DCF-62A7E29CDC31}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{2E5994DF-8766-4708-B3C9-6A5B7DEA4616}] => (Allow) F:\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{440FF3AA-9717-4A73-A49A-E481346E4545}] => (Allow) F:\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{4A8C4A51-F292-4E6B-8C8E-1D987529068D}] => (Allow) F:\SteamLibrary\SteamApps\common\Cave Story+\CaveStory+.exe
FirewallRules: [{A983A977-2689-42A0-9F00-D4045FF6066D}] => (Allow) F:\SteamLibrary\SteamApps\common\Cave Story+\CaveStory+.exe
FirewallRules: [{C4C903C1-9983-466B-AF69-82E8388DAF52}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{EE484040-4604-451A-BFBE-49E66469D215}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [TCP Query User{BDF37AD9-76BC-4E83-AEB8-E4FD798CB5E6}F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{392CEBD0-AFB7-4291-9265-F5FE4A36A77A}F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{B1360897-6ABD-46C2-88C1-C05223F4698A}] => (Allow) C:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{243ECBA7-D523-4632-A0F1-3C1726BA2FDD}] => (Allow) C:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{1CFF0BB9-657E-40D2-A200-25863BBBD988}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{5C48A613-8F3B-428B-AC4B-955E31C09BFB}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{F291F40E-D3BD-406A-AD1A-1C88305A9643}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{DDA9364F-8EE8-4DEB-A312-0C4833D43E34}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{57A8927C-AF16-4B1D-8F43-67B95DDC5E03}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{162F8149-1632-4758-A08F-DAFAA400982E}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3E59B22D-9FCC-42CF-80B3-E81C783EEC26}C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe
FirewallRules: [UDP Query User{D3516378-C852-486F-864D-E44604287F43}C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe
FirewallRules: [TCP Query User{A500C0F2-9CA7-488E-B4CC-024D6C178A32}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F1679260-2759-4469-90A2-CA16BA9066E9}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{329FD1BF-38D6-49C7-94E3-FC68DCF2283D}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{046F0309-A1B6-4B20-AC4F-B432220A82CF}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{02359FED-BDAC-4F87-951B-AFE6824063BF}] => (Allow) X:\SteamLibrary\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{C063AAC6-89B4-40D5-8384-9D1B61AA1B62}] => (Allow) X:\SteamLibrary\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{23D18C1E-51BD-40C7-B2BE-795CA203ACE8}] => (Allow) F:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{57D61D74-F03E-4AA1-8F47-0C681283C546}] => (Allow) F:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{907D1932-C309-486A-AAF1-2A17485F8DAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{25AAD803-93DF-4126-814E-FAAFFFBD1A1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F89EA41B-F629-46B6-923B-55CA96155CE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E524B29-E6F8-430A-8D2D-60531FDA7C1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267F1AED-CE90-4EF9-8950-5E590343C0A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0FA8D5D-6AB6-4E55-9127-4EB344BDEDEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{706BB41C-36F0-4B48-8C32-87C68D761347}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{54B79181-DCED-45A4-BA5D-11E2B38CF0DD}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82E15A94-99B5-40A6-9892-1D47BC2D93C6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{E6D07A11-1AD0-4DD9-821B-3713064661A2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{6271E855-CD0A-4D25-B2B3-AE320709388A}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [UDP Query User{A4790E8C-31EF-405C-B776-78F583C3C300}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [TCP Query User{20923AF4-95AA-4CB3-82C3-391D1BAC6D0A}C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{F5F35E7F-4643-4991-A0CD-1C6DEBFD57B9}C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe
FirewallRules: [{E931D63F-700D-401A-BF75-80E31B5110F2}] => (Allow) F:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{568805CB-C091-40DB-B7C7-740CE882DE44}] => (Allow) F:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{4953A5EC-28B6-414C-A5EE-48AA2E59D8A3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{1FB92DDD-1A17-4092-9791-51A0148E5AFC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{52079336-B953-46FA-8009-F449F92FE754}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CB51D4C0-E746-42AC-AE8A-64CDC71B0293}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AAE8DBD3-20D3-4F80-9432-936FC4B51886}] => (Allow) C:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{47C815B0-38CE-48D1-BDAE-B3F8098857EF}] => (Allow) C:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{CB90669A-3E8C-4460-818D-B450E9D9239C}] => (Allow) LPort=51111
FirewallRules: [{3A43AB23-54D8-4585-A615-14E5812FF550}] => (Allow) LPort=51112
FirewallRules: [{7ED31D5F-980C-4B5C-BA44-35A698B5BD78}] => (Allow) LPort=51113
FirewallRules: [{370C4CCC-7C94-4711-BE77-6E42E439FF4A}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [TCP Query User{218FF7BA-A9FC-4F74-9D15-C74FC35ECA8D}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{C1AF5D81-4B32-48E2-8DAD-47E8BB377E65}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{8A0F709D-BBFE-4CBA-B427-EB67C018DD5B}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{2E89761E-11AB-4AD3-BAF7-1C8E8469A0B6}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{3BA572C3-D480-4567-A6B4-78AF74E31066}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [UDP Query User{7E0CA21E-FEF8-492F-904B-32492C48AE95}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [TCP Query User{4763A6D3-7BC9-4E51-A20A-3FC07AA73BF2}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{2ADFC50E-B165-4CC7-ACE2-22FC021B73DE}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{ECE15888-B211-4338-98B2-147FE6DB1692}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{E6F847B9-5A23-43E2-A4D3-702043E5004D}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{F0EB94B5-0BA8-4FB1-BFDB-5C85719CB196}] => (Allow) F:\SteamLibrary\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{D79B0D0A-E056-4782-B898-FCF3D11CBD91}] => (Allow) F:\SteamLibrary\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{154A2C36-0D88-44E1-9C5C-39DB3E258B77}] => (Allow) F:\SteamLibrary\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{6D5CF0FE-DB7C-4E89-9C4F-419DEEBBCE4B}] => (Allow) F:\SteamLibrary\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{97BDFA50-5C60-47F8-B583-B6A363BAC053}] => (Allow) F:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{B7075708-6AB5-4948-BB08-32B8328A0614}] => (Allow) F:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{1C7568D5-6AC2-4101-8A40-4AC3A029D280}] => (Allow) F:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{B1EF5BBA-97D8-4426-869A-5DC9899DAFDA}] => (Allow) F:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{5389A560-1AEB-43D0-A1F1-62645155D6E2}] => (Allow) F:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{877C223B-6E06-4035-9EBF-636BC4715FAD}] => (Allow) F:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{18A2A84C-1375-410F-A175-D78822811FB6}] => (Allow) F:\SteamLibrary\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{089AE974-EBCA-488C-8206-BC1A93A32988}] => (Allow) F:\SteamLibrary\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{0AB08A57-B217-40F1-81C8-D3B35FC031E3}] => (Allow) F:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{A9FDDA4A-EDC5-4D67-97B7-DD7F66B9A8D2}] => (Allow) F:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{7926EB1B-F4B1-4F16-B69C-97C61B0949A7}] => (Allow) F:\SteamLibrary\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{4626021F-F716-4C23-ADF7-2AE930A57190}] => (Allow) F:\SteamLibrary\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{8F478A4A-1830-494E-A5A7-10B546307DF8}] => (Allow) F:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{54DD7409-E943-4E0E-BCBB-7714CD829644}] => (Allow) F:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{6056A799-00A4-4B32-874E-78805D9F1073}] => (Allow) F:\SteamLibrary\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{06AE9CA2-D70C-4F6D-9DA0-BAB1B9BFD048}] => (Allow) F:\SteamLibrary\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{B8D601F3-8119-4F62-8BAE-408C4E400E31}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{0073F1D4-5C3F-4359-8AE7-39D5E02C3D44}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{F613555C-2B96-4588-90B3-A1C8A6BD48B5}] => (Allow) F:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{14501F36-BFAD-4BC9-A581-0403D833F8D2}] => (Allow) F:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [TCP Query User{D6C858DE-D7D7-404F-A156-8896EF989F7D}F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{52032D73-986A-4129-A689-274F4BB28893}F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{258A6AC4-753D-4500-ADD8-64ADF8C0041E}] => (Allow) F:\SteamLibrary\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{22678424-3BA7-4074-B309-8AE62D3E8A88}] => (Allow) F:\SteamLibrary\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [TCP Query User{F31BBA51-F4C7-4F4F-82CA-6B623495DBDC}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{E6FD1C07-A317-456A-A53D-A38D8AF9BD92}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{BD3C07F9-DA96-4811-9F4C-6C37BE335486}] => (Allow) F:\SteamLibrary\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{A86AC72E-5745-4A32-9697-9BD4AD2FFAE7}] => (Allow) F:\SteamLibrary\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [TCP Query User{597E66CD-B470-4490-8DB5-3B4056C2606D}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{5CDBEA7F-A276-48A0-80B9-A5FE2BADEFF2}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{DEBD08D1-55D8-4726-A0A2-5C8E6AEA30BC}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{A090CD29-F2C9-4C60-9D1F-1D485C2EF8C8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{195813BB-A7BB-42F3-B73E-C0FBAB4C90D0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{6AE0B17F-EDDB-4F11-8660-5FDFBB3491FA}C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{8F26B647-FC28-4B98-BECA-DD50116CF087}C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{57D04A1E-5B80-4883-8C10-FD6AA1C7ABB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3002787-D632-4194-898F-7923209B31B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B904509D-594E-4A28-BBB6-0B39014E0262}] => (Allow) F:\SteamLibrary\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{67762113-DC1D-47B0-8117-38DBECDAE920}] => (Allow) F:\SteamLibrary\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [TCP Query User{85D4392C-B210-4CDE-899A-135870E855C9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{FE16BA46-2421-4A5E-BB36-F1591FA6BFE9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{F33AE8C6-7DA1-4E6F-BFA9-9AE8472CFD7F}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{1A70AD41-5BE6-4E13-AE0C-175D1470BAC4}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [{3F4BA33B-3149-429B-AA5C-D8E050EC0D8A}] => (Allow) F:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8F48A799-ED60-409D-B9A1-034A44A8203F}] => (Allow) F:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4F9277AD-87DF-4B0A-B16E-183A181D2814}] => (Allow) F:\SteamLibrary\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{815CCF6B-B6E4-40A7-9685-68DFE4CB5A95}] => (Allow) F:\SteamLibrary\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{2A294525-E104-4CA4-80D3-086F890EC6E8}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{F956C50D-8879-4B4F-A9CE-3DC6DEBC9938}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{48D1266F-A3B0-49FD-B44A-46D6527B776C}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\custom.exe
FirewallRules: [{0717B3BE-8B7A-4019-B566-D73E631DDC23}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\custom.exe
FirewallRules: [TCP Query User{0CC31510-3119-436F-9F21-170B5B9FD3EA}C:\eclipse\eclipse.exe] => (Allow) C:\eclipse\eclipse.exe
FirewallRules: [UDP Query User{73FBCBCF-6925-48D2-A025-01852325F2C3}C:\eclipse\eclipse.exe] => (Allow) C:\eclipse\eclipse.exe
FirewallRules: [TCP Query User{07666A3F-200B-42FB-8FDB-0C4223BEA7A9}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{650B0860-D53E-4E05-B9BB-BB3EE58F7977}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{A26C3F07-642D-4B5E-AB66-7E4D79C93B96}] => (Allow) F:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{076486F1-590D-4466-A91F-7D362CCBA66D}] => (Allow) F:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{F50E48A3-566E-45B0-93B2-E35F57CFEFA5}] => (Allow) LPort=80
FirewallRules: [TCP Query User{3325E59B-A1D6-4DF5-AF06-AB96A690F29B}C:\program files\java\jdk1.8.0_66\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\jre\bin\java.exe
FirewallRules: [UDP Query User{139F7BAC-571D-477C-B969-725623D63DD1}C:\program files\java\jdk1.8.0_66\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\jre\bin\java.exe
FirewallRules: [TCP Query User{A1A7B5F7-4537-4D5C-A802-683B08592ABB}C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{352B2487-67FF-4234-B862-28C872F4184F}C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe
FirewallRules: [{4234AB85-DD17-4463-8CDF-D30A73F83D20}] => (Allow) LPort=3306
FirewallRules: [{CA1FD9B0-CC2C-4E76-AFB7-9B0299A5776F}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{DEF64EE1-A119-4940-AD21-9ECDC3492712}C:\program files\java\jdk1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{8B52A385-FD77-4333-999D-6FA9CFC97C79}C:\program files\java\jdk1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\javaw.exe
FirewallRules: [{1E2F7EF2-9064-44F8-83FA-554FF4184B54}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{8530F152-4038-4276-B319-93C203136A77}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{1A1C179D-3741-48AA-82B7-999DABAD2B7B}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{BB031907-0016-4902-96D2-F6DE244F9D15}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{017C3265-B432-4F03-B409-828E77ADB710}] => (Allow) F:\SteamLibrary\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{AF647D69-61E7-4B9F-8B41-AF215343EE9C}] => (Allow) F:\SteamLibrary\SteamApps\common\grid 2\grid2.exe
FirewallRules: [TCP Query User{2FE1947D-955B-4D71-923C-19B4C20D1C6B}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Block) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [UDP Query User{4D4B3991-0DD9-4919-850C-05721B91E5DE}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Block) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [TCP Query User{B61115D8-FA02-4CB8-9820-91056A4A11F3}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{2CE04704-D6C3-4E44-B262-01DF63F1151E}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe
FirewallRules: [TCP Query User{44F8D3E7-68F9-4072-8D2D-C385E5397712}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe
FirewallRules: [UDP Query User{79ADB7D7-4833-48CB-9CEE-2A628378F62F}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe
FirewallRules: [{A9D14FBF-7F60-4561-A5B9-BBBDE907EA9D}] => (Allow) F:\SteamLibrary\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{07103AE6-C3B9-4AC9-95FA-56B38C6077D8}] => (Allow) F:\SteamLibrary\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{A4BEC57E-F037-4726-AB8A-9DF4BB50D095}] => (Allow) F:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{118D49D8-3CC2-483B-B0EC-48850A2932A5}] => (Allow) F:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{39A50C85-DC71-4B5B-9330-A4C11437AA62}C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{0BC26DD4-8390-46F3-B785-78CAD1210B3B}C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{D8937320-307D-4ACF-A04A-2FE1E579AD57}E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{43D36CA6-FBF9-4726-84F9-00A1E55D2AF2}E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{FA5947C6-8AF0-48D1-98C9-ABBB59A2C1F2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Risk Factions\Risk Factions.exe
FirewallRules: [{4AACDCD3-4318-4EEC-A570-3C5F3DE31BF7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Risk Factions\Risk Factions.exe
FirewallRules: [{CB09CAC4-3EBF-4F7A-AAF5-055A1CDF43B5}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{3D505FC0-1CE4-437F-9C34-38D7757ED90D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{7FC35523-AAA6-4F75-A8E5-40F0563B8F77}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{0AB3D4B6-430E-47D2-BF45-6BE766155C5B}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F2839F5C-8158-4554-AE41-5FFE5215CB9C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{F51EFC3B-E23A-47C1-A62F-8DDE27369618}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{822E5BED-2992-49D7-A8BE-D77D9F25131D}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{52056B39-4299-4AB5-8B5F-CB94602ABF6A}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{42DAC985-9D34-4335-804E-4214D30E8AD2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{57293408-06A2-4EB6-89E5-B8FB16042D19}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{E48A77E3-B6D6-4A0B-8826-C5A619682FBF}] => (Allow) F:\SteamLibrary\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{21DA0E81-372E-4927-992F-99497232924B}] => (Allow) F:\SteamLibrary\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{0CC8DCA7-94F6-4DB8-B75D-4942A37B08DF}] => (Allow) F:\SteamLibrary\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{5DBA402A-9174-486A-8DD4-5EB135649CDC}] => (Allow) F:\SteamLibrary\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [TCP Query User{4539EC60-3F2C-4647-A36A-26A96A235ACE}C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{69A14C14-E07E-4D5C-806C-C83C86E48C2C}C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [{A7F75C4D-3D5D-405F-A73D-D05AF7118A37}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{161F2093-4E45-415C-A4C5-FFC97E842C59}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{178CD577-8A24-41B1-B033-585CAE32E6DC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TTR World Tour\TTRWorldTour.exe
FirewallRules: [{72157719-2726-484C-BF4E-01FE226174F7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TTR World Tour\TTRWorldTour.exe
FirewallRules: [{34A055E3-70D2-440E-9278-5B0A63D996E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\DefenseGrid2\DefenseGrid2_Release.exe
FirewallRules: [{3E420153-E622-4A0C-912C-ECA9616562EC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\DefenseGrid2\DefenseGrid2_Release.exe
FirewallRules: [{998CF2A3-C1D1-4BE0-837C-F86E00A4128F}] => (Allow) F:\SteamLibrary\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{01C8BE94-A884-4F2E-843C-88A4A7AE7D25}] => (Allow) F:\SteamLibrary\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{8BD1AE6C-8FEF-4A1C-BFBF-1E3D08230FD8}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{A5F4FE2F-492E-4432-B81D-4146DC6B4737}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{2A9C0F1A-BDDC-48D2-98B5-2C5F46FE028F}] => (Allow) F:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{9F9EF967-AF0F-4B03-BAFF-178AA9FA0732}] => (Allow) F:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{C88674DC-0FFF-4E35-A593-40B5A3732CCD}] => (Allow) C:\Spiele\Steam\SteamApps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{1536C4F1-4452-44B3-9ABE-85EE087CE25A}] => (Allow) C:\Spiele\Steam\SteamApps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{AE89047B-273E-433E-B30A-3D8602E32279}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{2C6570A9-9B8D-483A-98B3-EF36D127A820}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{FBD14A0F-FA9D-423F-A50B-9D5C89EF9699}C:\program files\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{3A88C660-D9B1-4FC7-8A63-82D082B0A8C5}C:\program files\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [TCP Query User{72B673DE-7501-4ACE-B306-F8A44BD1A57D}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{A9397B70-92DC-4622-A933-2FBB29801EA7}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe
FirewallRules: [TCP Query User{6FBE4641-6387-4E31-ADD9-D52BE49845E7}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe
FirewallRules: [UDP Query User{EB5758CB-4A16-4880-98A3-CE992EDC57B2}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe
FirewallRules: [{E0D967FA-B3E8-4EB9-B783-CCE068466BF0}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{77B08F48-E247-401F-83E7-317375DF3253}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{1F6FC122-3CEB-43B5-8132-EED9D952C84C}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{4D2C529A-ABAB-4C92-8EB8-A5C9678B527E}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{AB45CB48-733A-4133-B3FD-2CD444986FBC}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{533453D8-7D00-48CE-A26F-127F50D0D47C}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{2015F1F3-AFDA-4076-B6DC-D01775126A88}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{613A814B-1D8A-4F0C-9959-AAFA8B21EC50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{28D3A69F-089E-4394-BF2F-17B3926E5D19}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AD1422A5-288A-4D95-9FF1-9894622BF11F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5DD2D3EC-DD96-49DB-B0A3-AFEFB4471E08}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{4E41A708-1BDF-41A4-905F-75795748F175}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{768D5456-4330-41EB-8DCC-98CB4BD7B9D9}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C2058895-58DF-430D-8A59-BA8B2AF78650}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{47E23CC6-991A-4B36-9578-AD0E5851A97F}H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{BFF0D594-4C54-4C4E-BC59-A823F41AE41C}H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [{E6DC424F-05EE-484A-8BC3-5ECA846F2E9D}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{13486099-DF8F-4FEC-B5C0-9AFD88510963}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{3DEAC2F4-7731-44AE-AB0E-7DEC9F0E40AE}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{627742C2-E558-4C90-8313-3E9B431BE93E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D3E8616-DD9E-466C-96A6-99F50C6994FB}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe
FirewallRules: [UDP Query User{55957212-E064-43DF-AB1A-28048A0FD195}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe
FirewallRules: [{1B1705E2-E02E-46B2-842A-40CBAC287A89}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2017 Demo\PES2017.exe
FirewallRules: [{C0E65387-0D6E-434C-99CC-A633A2372351}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2017 Demo\PES2017.exe
FirewallRules: [{0E6C290E-4A31-4869-9E96-CDBF85AE9B2D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{F3597AEB-573C-40A1-95CD-A27E64F6C6A1}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [{8434CAA0-32B7-4986-97C9-A623E2710748}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{F3B00430-C5D3-4514-95AD-D00302583536}H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{50ADD2E0-A58A-4224-AA5A-A9A42C1BF724}H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{4D45604D-64E7-4083-8B85-0AEFBCF005D1}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Parkitect\Parkitect.exe
FirewallRules: [{E7C99D4A-13C8-4060-A200-20F161308972}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Parkitect\Parkitect.exe
FirewallRules: [TCP Query User{4A6329A3-4781-4DDA-99C4-724FB245B2D8}H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{CEBF3A6C-DAF6-4E2D-AAAC-035D29B1DAB5}H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{CD923910-C114-4C5F-9CCD-665A813B03D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{13D1015E-9882-4340-AC54-AF40190ABC5E}] => (Allow) F:\SteamLibrary\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{D782A19C-7BCD-4A59-9FEB-8E6557562B3E}] => (Allow) F:\SteamLibrary\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{C8D9D6D1-578D-471A-A628-7E1BF0F5F08B}] => (Allow) F:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{77100F5D-C54F-4F95-B635-58DA07F4B898}] => (Allow) F:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2016 07:26:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 07:18:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/04/2016 07:07:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2016 06:02:54 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (10/03/2016 12:15:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2016 12:39:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2016 12:41:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2016 08:11:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2016 12:33:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/30/2016 10:32:21 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.


Systemfehler:
=============
Error: (10/04/2016 07:07:19 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (09/30/2016 10:39:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 08:48:54 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 06:54:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 01:14:27 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (09/27/2016 08:24:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:24:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:10:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:10:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 07:54:04 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 V2 @ 3.30GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 16342.18 MB
Verfügbarer physikalischer RAM: 12085.08 MB
Summe virtueller Speicher: 32682.55 MB
Verfügbarer virtueller Speicher: 28304.41 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:185.45 GB) (Free:19.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Medien) (Fixed) (Total:390.62 GB) (Free:46.63 GB) NTFS
Drive f: (Daten) (Fixed) (Total:390.62 GB) (Free:22.56 GB) NTFS
Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Solid State) (Fixed) (Total:465.76 GB) (Free:19.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         

06.10.2016, 18:34   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 

Please run FRST from the desktop and with admin rights.

__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

06.10.2016, 21:00   #6
Esdeh
 

Sorry. Here it is again, done properly:

FRST Log:

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Admin (Administrator) auf STV-DESKTOP (06-10-2016 20:53:21)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: ***** & Admin (Verfügbare Profile: ***** & Admin & nx)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [423200 2008-07-11] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [55264 2016-03-10] (Malwarebytes)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [SandboxieControl] => "C:\Program Files\Sandboxie\SbieCtrl.exe"
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-14] (AMD)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Discord] => C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {5b8ed942-f05d-11e4-beac-94de8021e984} - I:\Startme.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {cbd273f9-584d-11e6-8278-94de8021e984} - K:\Lenovo_Suite.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
Lsa: [Authentication Packages] msv1_0 nxlsa
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-09-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{721F4271-35C9-40A5-B9ED-398DE2D809A9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E65348D7-0263-4F99-A662-1B18C086C5BB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-12] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-12] (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: areovegl.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\areovegl.default [2016-01-11]
FF Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\areovegl.default\Extensions\abs@avira.com [2015-03-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-20] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-31] ()
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1003: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com" 
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2016-01-11]
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ACHTUNG: => Signaturenvergleich konnte nicht durchgeführt werden. Kryptografischer Dienst läuft nicht.

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-12] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-24] ()
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [227104 2016-08-10] (EasyAntiCheat Ltd)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39209984 2015-11-30] ()
S4 nxdeviced; C:\Program Files (x86)\NoMachine\bin\nxdeviced64.exe [861360 2014-04-17] (NoMachine)
S4 nxdisplay; C:\Program Files (x86)\NoMachine\bin\nxdisplay.exe [221872 2014-04-17] (NoMachine)
S4 nxfsd; C:\Program Files (x86)\NoMachine\bin\nxfsd.exe [181936 2014-04-17] (NoMachine)
S4 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice.exe [204464 2014-04-17] (NoMachine)
S4 nxusbd; C:\Program Files (x86)\NoMachine\bin\nxusbd64.exe [1248944 2014-04-17] (NoMachine)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-31] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-08-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-08-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-19] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-02] (Sony Mobile Communications)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-08-29] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 nxaudio; C:\Windows\System32\drivers\nxaudio.sys [17920 2013-08-29] (NoMachine)
R3 nxdm; C:\Windows\System32\DRIVERS\nxdm.sys [29696 2012-12-11] (NoMachine Sarl)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [57008 2014-02-24] (NoMachine)
R2 nxusbf; C:\Program Files (x86)\NoMachine\bin\drivers\nxusb\NT6\amd64\nxusbf.sys [87216 2014-01-24] (NoMachine)
R3 nxusbh; C:\Windows\System32\DRIVERS\nxusbh.sys [68096 2013-11-12] (NoMachine)
R3 nxusbs; C:\Windows\System32\DRIVERS\nxusbs.sys [10240 2013-11-04] (NoMachine)
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
S3 TASCAM_US122L_WDM; C:\Windows\System32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 20:53 - 2016-10-06 20:53 - 00021796 _____ C:\Users\*****\Desktop\FRST.txt
2016-10-06 07:39 - 2016-10-06 07:39 - 00050685 _____ C:\Users\*****\Desktop\Logfiles_Esdeh.zip
2016-10-06 07:29 - 2016-10-06 07:30 - 00002282 _____ C:\Users\*****\Desktop\Malwarebytes.txt
2016-10-06 07:27 - 2016-10-06 07:27 - 00000265 _____ C:\Users\Admin\Desktop\malwarebytes.txt
2016-10-06 00:01 - 2016-10-06 07:34 - 00055400 _____ C:\Users\*****\Desktop\Avira.txt
2016-10-05 23:56 - 2016-10-06 20:53 - 00000000 ____D C:\FRST
2016-10-05 23:56 - 2016-10-05 23:56 - 02405376 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2016-10-05 23:52 - 2016-10-05 23:52 - 00001124 _____ C:\Users\*****\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-05 23:47 - 2016-10-05 23:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-05 21:55 - 2016-10-05 21:55 - 00079570 _____ C:\Users\*****\Desktop\Splines.pdf
2016-09-30 23:54 - 2016-09-30 23:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\Program Files (x86)\SourceTree
2016-09-28 13:54 - 2016-10-02 23:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-28 13:54 - 2016-09-28 13:54 - 00000000 ____D C:\Users\*****\AppData\Local\MonoDevelop-Unity-5.0
2016-09-28 13:45 - 2016-10-03 15:31 - 00000000 ____D C:\Users\*****\AppData\LocalLow\DefaultCompany
2016-09-27 23:24 - 2016-09-27 23:25 - 128365670 _____ C:\Users\*****\Downloads\Carbon Based Lifeforms - The Path.zip
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Local\MonoDevelop-Unity-5.0
2016-09-27 18:10 - 2016-09-27 18:10 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\DefaultCompany
2016-09-27 17:53 - 2016-09-27 17:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
2016-09-27 17:53 - 2016-09-27 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-09-27 17:49 - 2016-09-27 17:49 - 00000883 _____ C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.1f1 (64-bit)
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2016-09-26 16:40 - 2016-09-26 16:40 - 00001322 _____ C:\Users\*****\Desktop\RocketLeagueTrainer.exe - Verknüpfung.lnk
2016-09-23 13:35 - 2016-09-23 13:35 - 00000000 __HDC C:\ProgramData\{2FBE3374-BA89-48C3-B5F4-877C1D7D624D}
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\Users\*****\Documents\KONAMI
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\Users\Admin\Documents\KONAMI
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\ProgramData\KONAMI
2016-09-21 14:00 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 14:00 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 13:39 - 2016-09-20 13:39 - 00000168 _____ C:\Users\*****\.gitconfig
2016-09-18 19:29 - 2016-09-18 19:29 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-16 22:00 - 2016-09-22 17:01 - 00000000 ____D C:\Windows\rescache
2016-09-16 21:32 - 2016-09-26 17:05 - 00000000 ____D C:\Users\*****\Documents\Project CARS
2016-09-16 21:32 - 2016-09-16 21:32 - 00000000 ____D C:\Users\*****\Documents\wmd_symbol_cache
2016-09-15 00:58 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-15 00:58 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-15 00:58 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-15 00:58 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 00:58 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-15 00:58 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 00:58 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-15 00:58 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-15 00:58 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-15 00:58 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-15 00:58 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-15 00:58 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-15 00:58 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-15 00:58 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-15 00:58 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-15 00:58 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-15 00:58 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-15 00:58 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-15 00:58 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-15 00:58 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-15 00:58 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-15 00:58 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-15 00:58 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-15 00:58 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-15 00:58 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-15 00:58 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-15 00:58 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-15 00:58 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-15 00:58 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-15 00:58 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-15 00:58 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-15 00:58 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-15 00:58 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-15 00:58 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-15 00:58 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-15 00:58 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-15 00:58 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-15 00:58 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-15 00:58 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-15 00:58 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-15 00:58 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-15 00:58 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-15 00:58 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-13 00:09 - 2016-09-13 00:09 - 00000000 ____D C:\Users\Admin\Documents\Steinberg
2016-09-13 00:09 - 2016-09-13 00:09 - 00000000 ____D C:\Users\Admin\AppData\Local\Native Instruments
2016-09-13 00:08 - 2016-09-13 00:08 - 00000000 ____D C:\Users\Admin\Documents\VST3 Presets

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-06 20:52 - 2014-11-06 18:23 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2016-10-06 20:52 - 2013-04-13 20:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-06 20:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-06 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Vss
2016-10-06 07:33 - 2016-05-21 11:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-06 07:33 - 2013-04-13 20:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-06 07:28 - 2013-06-20 01:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-06 07:06 - 2015-06-17 07:55 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-06 04:33 - 2016-05-21 11:40 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job
2016-10-06 01:07 - 2014-11-06 18:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2016-10-05 23:42 - 2013-04-19 20:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2016-10-05 22:02 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\MediaMonkey
2016-10-05 20:19 - 2013-04-21 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Last.fm
2016-10-05 19:34 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-05 19:34 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-05 19:26 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-04 19:34 - 2013-04-13 20:37 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 19:11 - 2014-06-18 00:44 - 00000000 ____D C:\ProgramData\Unity
2016-10-02 17:13 - 2013-11-26 15:05 - 00000000 ____D C:\Users\Admin
2016-10-02 16:16 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****\AppData\Local\VirtualStore
2016-09-30 23:54 - 2015-06-17 07:55 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox
2016-09-30 23:54 - 2013-04-29 11:18 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2016-09-30 15:50 - 2013-11-14 23:32 - 00000000 ____D C:\Users\*****\Documents\Telltale Games
2016-09-28 20:30 - 2016-02-02 00:21 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-28 18:53 - 2016-02-26 21:24 - 00000000 ____D C:\ProgramData\Atlassian
2016-09-28 13:53 - 2015-10-26 11:44 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2015
2016-09-28 13:45 - 2013-04-30 00:55 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Unity
2016-09-28 13:44 - 2014-06-18 00:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Unity
2016-09-27 18:12 - 2015-10-26 10:56 - 00000000 ____D C:\Users\Admin\Documents\Visual Studio 2015
2016-09-27 18:10 - 2014-06-18 00:42 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Unity
2016-09-27 18:07 - 2015-05-02 01:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Unity
2016-09-27 17:53 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 17:49 - 2015-04-29 19:55 - 00000000 ____D C:\Program Files\Unity
2016-09-27 13:36 - 2015-01-18 03:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-27 13:36 - 2013-04-13 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 16:40 - 2016-08-29 16:28 - 00000000 ____D C:\Tools
2016-09-23 17:06 - 2011-04-12 09:43 - 00701778 _____ C:\Windows\system32\perfh007.dat
2016-09-23 17:06 - 2011-04-12 09:43 - 00150388 _____ C:\Windows\system32\perfc007.dat
2016-09-23 17:06 - 2009-07-14 07:13 - 01622158 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-23 17:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-23 17:01 - 2015-11-25 01:39 - 00000000 ____D C:\Users\*****\Desktop\Recording_part
2016-09-23 13:35 - 2016-08-30 18:01 - 00001014 _____ C:\Users\Public\Desktop\Kontakt 5.lnk
2016-09-23 11:06 - 2015-06-17 07:55 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job
2016-09-20 16:47 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2016-09-20 14:06 - 2013-04-13 21:27 - 00000000 ____D C:\Spiele
2016-09-20 13:39 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****
2016-09-20 13:24 - 2016-01-09 22:54 - 00000000 ____D C:\Users\*****\Desktop\Temp
2016-09-20 10:52 - 2013-06-20 01:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-20 10:52 - 2013-04-14 22:17 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2016-09-20 10:52 - 2013-04-13 21:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-20 10:52 - 2013-04-13 21:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-20 10:51 - 2014-01-18 19:24 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-09-18 19:29 - 2013-04-20 12:37 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-18 19:29 - 2013-04-13 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-15 20:44 - 2015-10-14 22:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-15 20:44 - 2013-04-13 21:22 - 00000000 ____D C:\ProgramData\Skype
2016-09-15 11:45 - 2009-07-14 06:45 - 00288544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 01:15 - 2013-08-07 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 01:15 - 2013-04-17 21:59 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 00:09 - 2016-08-30 04:23 - 00000000 ____D C:\Users\Admin\Documents\Native Instruments
2016-09-13 00:09 - 2015-06-21 23:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HOFA
2016-09-13 00:09 - 2015-03-15 17:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steinberg

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5lcyn1.dll
C:\Users\*****\AppData\Local\Temp\i4jdel0.exe
C:\Users\*****\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\*****\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\*****\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\*****\AppData\Local\Temp\sfamcc00001.dll
C:\Users\*****\AppData\Local\Temp\SIntf16.dll
C:\Users\*****\AppData\Local\Temp\SIntf32.dll
C:\Users\*****\AppData\Local\Temp\SIntfNT.dll
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-017471a8-1214-486f-9b4a-6e529bb5ee14-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-01cd0e59-8904-4451-8229-c98a886174a4-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-39c97557-0fcd-4524-a96e-83a449cc35ee-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-57b36b20-ffe8-468e-ad7f-8f3b4952b002-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5895c0e3-5d25-47b1-8cb6-5d5b7b789a4a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5aef941f-7615-4b58-99d1-5afa8b23370d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-640ebc9d-babc-41ea-bcc3-9425a8eca9ba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-7fdf69e2-65b8-4d50-9486-2bebc9f75b5c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-887e3172-c01b-4465-8b9c-8743ca07f224-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-9dcd7c7e-f044-49ab-8fe4-4c6436ea0b35-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adb19df7-9df5-40a1-a0b4-774d1e938e6c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adccf870-0580-4add-90d9-00f757647648-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-b91bc444-4e38-46d5-8519-d7d5bc30747a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c1d8f87b-c58b-43ce-a09b-635fd8761cba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c6605e17-6f6a-40a6-8eea-1ec2e775c9b3-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-cdefe8e8-c740-49c3-907b-d9d423f7526e-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-d44f120d-82e1-45fc-9306-1c0b28cf306d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-e695e562-a52c-4c87-8b36-b1e43b16bd71-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\*****\AppData\Local\Temp\war3_Install.exe
C:\Users\*****\AppData\Local\Temp\_is7B47.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => MD5 ist legitim
C:\Windows\system32\wininit.exe => MD5 ist legitim
C:\Windows\SysWOW64\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\system32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\system32\services.exe => MD5 ist legitim
C:\Windows\system32\User32.dll
[2016-09-15 00:58] - [2016-08-16 19:36] - 1009152 ____A (Microsoft Corporation) 8F4B991E7837E8E0F90C856659456652

C:\Windows\SysWOW64\User32.dll
[2016-09-15 00:58] - [2016-08-16 04:48] - 0833024 ____A (Microsoft Corporation) 0FBC0E335B65EE5A0175631237817510

C:\Windows\system32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\system32\rpcss.dll => MD5 ist legitim
C:\Windows\system32\dnsapi.dll => MD5 ist legitim
C:\Windows\SysWOW64\dnsapi.dll => MD5 ist legitim
C:\Windows\system32\Drivers\volsnap.sys => MD5 ist legitim


LastRegBack: 2016-10-06 04:36

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 06.10.2016, 21:02   #7
Esdeh
 



Addition.txt:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-10-2016
durchgeführt von Admin (06-10-2016 20:53:44)
Gestartet von C:\Users\*****\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-04-13 16:07:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-2919925435-3243357412-1734966863-1003 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2919925435-3243357412-1734966863-500 - Administrator - Disabled)
Gast (S-1-5-21-2919925435-3243357412-1734966863-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2919925435-3243357412-1734966863-1002 - Limited - Enabled)
nx (S-1-5-21-2919925435-3243357412-1734966863-1004 - Administrator - Enabled) => C:\Users\nx
***** (S-1-5-21-2919925435-3243357412-1734966863-1000 - Limited - Enabled) => C:\Users\*****

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AdiIRC (HKLM-x32\...\AdiIRC) (Version: 1.9.1 - Per Amundsen)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
AFPL Ghostscript 8.54 (HKLM-x32\...\AFPL Ghostscript 8.54) (Version:  - )
AFPL Ghostscript Fonts (HKLM-x32\...\AFPL Ghostscript Fonts) (Version:  - )
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - )
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version:  - The Chinese Room)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version:  - Blue Byte)
ANNO 1602 Königs-Edition (HKLM-x32\...\ANNO 1602 Königs-Edition) (Version:  - )
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta1 - Michael Tippach)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.1.4.0 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.1.4.0 - ASUSTek COMPUTER INC.) Hidden
ASUS Utility (x32 Version: 1.00.0000 - ASUSTek) Hidden
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - Amanita Design)
Braid (HKLM-x32\...\Steam App 26800) (Version:  - Number None)
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Catan - Die erste Insel (HKLM-x32\...\Catan) (Version:  - )
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - Nicalis)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.0.0.07110 - Sony Corporation)
Contraption Maker (HKLM-x32\...\Steam App 241240) (Version:  - Spotkin)
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version:  - DownloadHelper)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
DayZ Commander (HKLM-x32\...\{5B75991B-CCBA-4908-ACFF-3FF60A624D5E}) (Version: 0.92.83 - Dotjosh Studios)
DB Browser for SQLite (HKLM-x32\...\SqliteBrowser3) (Version: 3.8.0 - oldsch00l)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
Defense Grid 2 (HKLM\...\Steam App 221540) (Version:  - Hidden Path Entertainment)
Defense Grid: The Awakening (HKLM-x32\...\Steam App 18500) (Version:  - Hidden Path Entertainment)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
DiRT 3 Complete Edition (HKLM-x32\...\Steam App 321040) (Version:  - Codemasters Racing Studio)
Discord (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
DmC Devil May Cry (HKLM\...\Steam App 220440) (Version:  - Ninja Theory)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Dropbox) (Version: 11.4.21 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - Trendy Entertainment)
Easy Tune 6 B12.1121.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.4.2156 - Steinberg Media Technologies GmbH)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Factorio (HKLM\...\Steam App 427520) (Version:  - Wube Software LTD.)
Far Cry® 3 (HKLM\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Football Manager 2016 (HKLM\...\Steam App 378120) (Version:  - SPORTS INTERACTIVE)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Game Dev Tycoon (HKLM\...\Steam App 239820) (Version:  - Greenheart Games)
GameMaker-Studio 1.4 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 1.9.5-preview20141217 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
Guacamelee! Gold Edition (HKLM\...\Steam App 214770) (Version:  - DrinkBox Studios)
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - Crackshell)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might and Magic® III (HKLM-x32\...\Heroes of Might and Magic® III) (Version:  - )
HOFA-Plugins Uninstall (HKLM-x32\...\HOFA-Plugins) (Version:  - HOFA-Plugins)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HydraVision (x32 Version: 4.2.230.0 - Advanced Micro Devices, Inc.) Hidden
IndustrieGigant 2 (HKLM-x32\...\IndustrieGigant 2) (Version:  - )
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
IntelliJ IDEA Community Edition 2016.2.2 (HKLM-x32\...\IntelliJ IDEA Community Edition 2016.2.2) (Version: 162.1628.40 - JetBrains s.r.o.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 66 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180660}) (Version: 8.0.660.18 - Oracle Corporation)
KDiff3 (remove only) (HKLM-x32\...\KDiff3) (Version:  - )
KeePass Password Safe 1.25 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.25 - Dominik Reichl)
Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version:  - DONTNOD Entertainment)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.20.106.05220 (HKLM-x32\...\{ECAE7E40-24A6-9E8E-EA93-90D080C878B3}) (Version: 2.20.106.05220 - Sony)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{3D3CEBE6-40EA-4C48-97FD-73828281AB4A}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{68BA34E8-9B9D-4A74-83F0-7D366B532D75}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{718FFB65-F6E4-4D62-861F-ED10ED32C936}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{5359C5C6-F83D-4E74-9170-F9A68BE1C57F}) (Version: 2.3.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{50b32652-69d2-4b93-9316-edcd12067b8b}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
MinGW-Get version 0.5-beta-20120426-1 (HKLM-x32\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)
Mini Metro (HKLM-x32\...\Steam App 287980) (Version:  - Dinosaur Polo Club)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
Mp3tag v2.74a (HKLM-x32\...\Mp3tag) (Version: v2.74a - Florian Heidenreich)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
My Game Long Name (HKLM\...\UDK-95e58597-057e-4bfc-99f2-d5d4d4008351) (Version:  - Epic Games, Inc.)
MySQL Connector C++ 1.1.6 (HKLM\...\{80EE5F65-5553-47A1-B6A9-8BF3211D21A3}) (Version: 1.1.6 - Oracle and/or its affiliates)
MySQL Connector J (HKLM-x32\...\{08BE0787-D0CE-4240-93EF-D73DA099A285}) (Version: 5.1.37 - Oracle Corporation)
MySQL Connector Net 6.9.8 (HKLM-x32\...\{D01DF7C8-6F2D-46BC-923B-418233EB1D14}) (Version: 6.9.8 - Oracle)
MySQL Connector/C 6.1 (HKLM\...\{ABC3A516-54E3-414B-B501-762E7FB2F9D5}) (Version: 6.1.6 - Oracle Corporation)
MySQL Connector/ODBC 5.3 (HKLM\...\{A1991404-2634-47E1-BC45-8F3B5014B1D1}) (Version: 5.3.4 - Oracle Corporation)
MySQL Documents 5.7 (HKLM-x32\...\{D0A57743-4C29-47AD-B0DB-237F7391315E}) (Version: 5.7.10 - Oracle Corporation)
MySQL Examples and Samples 5.7 (HKLM-x32\...\{FAA236F0-2B55-4A9F-BC36-BBB8E006DD1C}) (Version: 5.7.10 - Oracle Corporation)
MySQL Fabric 1.5.6 & MySQL Utilities 1.5.6 (HKLM-x32\...\{C914EB85-F0E6-4150-9FA0-99B716A15EAF}) (Version: 1.5.6 - Oracle Corporation)
MySQL for Visual Studio 1.2.5 (HKLM-x32\...\{78D360E3-11E9-4F7A-BBF6-18AEC6BF2C31}) (Version: 1.2.5 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{F5B36509-1BB1-4722-A386-B93B689FB02A}) (Version: 1.4.13.0 - Oracle Corporation)
MySQL Notifier 1.1.6 (HKLM-x32\...\{CB76A6E9-B184-461D-A8BE-7D0D73199545}) (Version: 1.1.6 - Oracle)
MySQL Server 5.7 (HKLM\...\{A0BEAD8A-378A-4E79-8C66-CFFA27A59EFE}) (Version: 5.7.10 - Oracle Corporation)
MySQL Workbench 6.3 CE (HKLM\...\{8E6D8BF8-828A-4F7B-A332-F7CEB8CB75AA}) (Version: 6.3.5 - Oracle Corporation)
Native Instruments Abbey Road 50s Drummer (HKLM-x32\...\Native Instruments Abbey Road 50s Drummer) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.3.0.12 - Native Instruments)
Native Instruments Abbey Road 60s Drums (HKLM-x32\...\Native Instruments Abbey Road 60s Drums) (Version:  - Native Instruments)
Native Instruments Abbey Road 70s Drummer (HKLM-x32\...\Native Instruments Abbey Road 70s Drummer) (Version: 1.3.0.8 - Native Instruments)
Native Instruments Abbey Road 80s Drummer (HKLM-x32\...\Native Instruments Abbey Road 80s Drummer) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Abbey Road Modern Drummer (HKLM-x32\...\Native Instruments Abbey Road Modern Drummer) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Abbey Road Vintage Drummer (HKLM-x32\...\Native Instruments Abbey Road Vintage Drummer) (Version: 1.3.0.11 - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.3.1.1628 - Native Instruments)
Native Instruments Action Strikes (HKLM-x32\...\Native Instruments Action Strikes) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: 1.5.0.1 - Native Instruments)
Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: 1.2.0.5 - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.5.254 - Native Instruments)
Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.1 - Native Instruments)
Native Instruments Battery Library Importer for Maschine (HKLM-x32\...\Native Instruments Battery Library Importer for Maschine) (Version:  - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.11.0.465 - Native Instruments)
Native Instruments Cuba (HKLM-x32\...\Native Instruments Cuba) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Damage (HKLM-x32\...\Native Instruments Damage) (Version: 1.5.0.2 - Native Instruments)
Native Instruments Driver (HKLM-x32\...\Native Instruments Driver) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Drum Lab (HKLM-x32\...\Native Instruments Drum Lab) (Version: 1.2.0.6 - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Evolve R2 (HKLM-x32\...\Native Instruments Evolve R2) (Version: 1.7.0.3 - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.4.1.1599 - Native Instruments)
Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: 1.3.0.15 - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Guitar Rig Mobile IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Mobile IO Driver) (Version:  - Native Instruments)
Native Instruments Guitar Rig Session IO Driver (HKLM-x32\...\Native Instruments Guitar Rig Session IO Driver) (Version:  - Native Instruments)
Native Instruments Kinetic Metal (HKLM-x32\...\Native Instruments Kinetic Metal) (Version: 1.1.0.13 - Native Instruments)
Native Instruments Komplete 10 Ultimate (HKLM-x32\...\Native Instruments Komplete 10 Ultimate) (Version:  - Native Instruments)
Native Instruments Komplete 8 (HKLM-x32\...\Native Instruments Komplete 8) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version:  - Native Instruments)
Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.6.0.46 - Native Instruments)
Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Kontour (HKLM-x32\...\Native Instruments Kontour) (Version: 1.0.0.4 - Native Instruments)
Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: 1.3.0.19 - Native Instruments)
Native Instruments Molekular (HKLM-x32\...\Native Instruments Molekular) (Version: 1.0.0.3 - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.3.0.2 - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version:  - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Polyplex (HKLM-x32\...\Native Instruments Polyplex) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments)
Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: 1.7.0.4 - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.3.1.45 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.4.1512 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.6.0.1 - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.4.0.4 - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Rise and Hit (HKLM-x32\...\Native Instruments Rise and Hit) (Version: 1.2.0.11 - Native Instruments)
Native Instruments Rounds (HKLM-x32\...\Native Instruments Rounds) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: 1.2.0.1 - Native Instruments)
Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.4 - Native Instruments)
Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: 1.1.0.3 - Native Instruments)
Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: 1.2.0.2 - Native Instruments)
Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: 1.1.0.2 - Native Instruments)
Native Instruments Scarbee Rickenbacker Bass (HKLM-x32\...\Native Instruments Scarbee Rickenbacker Bass) (Version: 1.2.0.3 - Native Instruments)
Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: 1.3.0.6 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments)
Native Instruments Session Horns Pro (HKLM-x32\...\Native Instruments Session Horns Pro) (Version: 1.3.0.5 - Native Instruments)
Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: 1.4.0.2 - Native Instruments)
Native Instruments Skanner XT (HKLM-x32\...\Native Instruments Skanner XT) (Version: 1.3.0.3 - Native Instruments)
Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.4.0.13 - Native Instruments)
Native Instruments Supercharger GT (HKLM-x32\...\Native Instruments Supercharger GT) (Version: 1.3.1.45 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.12 - Native Instruments)
Native Instruments The Gentleman (HKLM-x32\...\Native Instruments The Gentleman) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.2.0.8 - Native Instruments)
Native Instruments The Grandeur (HKLM-x32\...\Native Instruments The Grandeur) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Maverick (HKLM-x32\...\Native Instruments The Maverick) (Version: 1.2.0.3 - Native Instruments)
Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: 1.3.0.4 - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.6 - Native Instruments)
Native Instruments Transient Master (HKLM-x32\...\Native Instruments Transient Master) (Version:  - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version:  - Native Instruments)
Native Instruments Vari Comp (HKLM-x32\...\Native Instruments Vari Comp) (Version: 1.3.1.45 - Native Instruments)
Native Instruments VC 76 FX (HKLM-x32\...\Native Instruments VC 76 FX) (Version: 1.3.1.45 - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version:  - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.4.0.6 - Native Instruments)
Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.3.0.3 - Native Instruments)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NetOn 2.1 (HKLM-x32\...\NetOn 2_is1) (Version:  - Rct-Net.de)
New Star Soccer 5 (HKLM-x32\...\Steam App 212780) (Version:  - )
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NoLimits 2 (remove only) (HKLM\...\NoLimits 2) (Version:  - )
NoMachine (HKLM-x32\...\NoMachine_is1) (Version: 4.2.21 - NoMachine S.a.r.l.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM\...\Steam App 224480) (Version:  - Young Horses)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
OpenRCT2 Launcher (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\50293b21343b05b6) (Version: 1.0.0.26 - OpenRCT2 Launcher)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version:  - Mine Loader Software Co., Ltd.)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Blender (HKLM-x32\...\PDF Blender) (Version:  - )
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Personal Backup 5.4 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Portal 2 Authoring Tools - Beta (HKLM-x32\...\Steam App 629) (Version:  - Valve)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
Pro Evolution Soccer 2017 Demo (HKLM\...\Steam App 499050) (Version:  - Konami Digital Entertainment)
Project CARS (HKLM\...\Steam App 234630) (Version:  - Slightly Mad Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Rayman Origins (HKLM-x32\...\Steam App 207490) (Version:  - UBIart Montpellier)
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version:  - EasyGameStation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RISK Factions (HKLM-x32\...\Steam App 47800) (Version:  - Stainless Games)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rocksmith 2014 (HKLM\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\{4C5D15D2-5351-4F05-A96E-56C20554F977}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Triple Thrill Pack (HKLM-x32\...\Steam App 285330) (Version:  - Chris Sawyer Productions)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
RTP 2003  (HKLM-x32\...\{19DBA2E8-F9AA-11D7-BCC2-CD62B0FB2277}) (Version: 1.1 - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Scala (HKLM-x32\...\{7606E6DA-E168-42B5-8345-B08BF774CB30}) (Version: 2.11.2.400 - LAMP/EPFL and Typesafe, Inc.)
Shockwave (HKLM-x32\...\Shockwave) (Version:  - )
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Simple Build Tool (HKLM-x32\...\{CE07BE71-510D-414A-92D4-DFF47631848A}) (Version: 0.13.6.1 - Typesafe, Inc.)
Skype™ 7.27 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.27.101 - Skype Technologies S.A.)
Softwarenetz Haushaltsbuch4 (HKLM-x32\...\Haushaltsbuch4) (Version:  - Softwarenetz)
SOMA (HKLM-x32\...\Steam App 282140) (Version:  - Frictional Games)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SourceTree (HKLM-x32\...\SourceTree 1.9.6.1) (Version: 1.9.6.1 - Atlassian)
SourceTree (x32 Version: 1.9.6.1 - Atlassian) Hidden
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version:  - Yager Development)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
StarUML 5.0.2.1570 (HKLM-x32\...\StarUML_is1) (Version:  - Plastic Software, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.10 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.1.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Strawberry Perl (64-bit) (HKLM\...\{61719A5F-6C9C-1014-8F19-DDB236F7176A}) (Version: 5.18.1001 - strawberryperl.com project)
SUPER © v2013.build.59+Recorder (2013/12/18) Version v2013.buil (HKLM-x32\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
Super Meat Boy Editor (HKLM-x32\...\Steam App 40810) (Version:  - )
SWI-Prolog (remove only) (HKLM\...\SWI-Prolog) (Version:  - )
Table Top Racing: World Tour (HKLM\...\Steam App 450670) (Version:  - Playrise Digital Ltd.)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TeXstudio 2.5.2 (HKLM-x32\...\TeXstudio_is1) (Version: 2.5.2 - Benito van der Zander)
The Crew (HKLM\...\Steam App 241560) (Version:  - Ivory Tower in collaboration with Ubisoft Reflections)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - Mike Bithell)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - Days of Wonder)
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version:  - )
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
To the Moon (HKLM-x32\...\To the Moon) (Version: 1.5 - Freebird Games)
Toki Tori (HKLM-x32\...\Steam App 38700) (Version:  - Two Tribes)
TOU (HKLM-x32\...\TOU) (Version:  - )
TowerFall Ascension (HKLM\...\Steam App 251470) (Version:  - Matt Thorson)
Train Fever (HKLM-x32\...\Steam App 304730) (Version:  - Urban Games)
TreeSize Free V3.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3 - JAM Software)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Twin USB Vibration Gamepad (HKLM-x32\...\{1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615}) (Version: 2007.01.01 - )
Twine 2.0.11 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
Unitex 3.0 (HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Unitex 3.0_is1) (Version:  - IGM Université Paris Est)
Unity (HKLM-x32\...\Unity) (Version: 5.4.1f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\UnityWebPlayer) (Version: 5.2.2f1 - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
US-122 MKII / US-144 MKII (HKLM\...\USB_AUDIO_DEusb-audio.deTascam) (Version:  - )
USB Dual Vibration Joystick (HKLM-x32\...\{402BB998-BE76-4A5A-817B-D0C6B47DF0A5}) (Version: 2005.01.20 - )
Vampires Dawn: Reign of Blood (HKLM-x32\...\{CF55095E-07AA-432E-8376-CEF71D70746A}_is1) (Version: Vampires Dawn: Reign of Blood 1.31 - Brianum)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DD}) (Version: 17.5.10562 - WinZip Computing, S.L. )
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
yEd Graph Editor 3.11.1 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.11.1 - yWorks GmbH)
Zenses2 Beta2 (HKLM-x32\...\Zenses2) (Version: 2.0.5b2 - Sixones)
Zoombinis version 1.0 (HKLM-x32\...\Zoombinis_is1) (Version: 1.0 - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\*****\AppData\Roaming\Dropbox\bin\DropboxExt64.65536.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2919925435-3243357412-1734966863-1003_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender\BlendThumb64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1398510C-0FD2-49F0-954A-1A8D9DB7F499} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.)
Task: {143450CE-C709-422D-80E0-015E96571C76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {1CAE897A-9A2F-449C-893C-39F95069633D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {1D6CE518-50A9-43D9-A3C6-8A34BB1335BD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {27706846-46BC-4988-B2B9-6B43F7893B6F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {2A115F80-CBB7-436D-9DC5-81B0B3A86CEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-20] (Google Inc.)
Task: {659360C3-B867-45BA-BCC3-8C4C6D52E54E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [2016-05-10] (Google Inc.)
Task: {9D02C86A-0883-4E73-876B-4ADE4E9CB2D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-20] (Adobe Systems Incorporated)
Task: {AFF255C1-73F0-4B4D-9E3E-CB7ECC7951F5} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [2015-11-28] (Oracle Corporation)
Task: {B546AB77-6D8B-4B3C-ABB9-42CE1C352D01} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2012-11-13] (Safer-Networking Ltd.)
Task: {BA9AEAFC-190B-4026-8F7E-A3999BE88241} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [2014-09-03] (Oracle Corporation)
Task: {BBB31F92-1339-4462-9460-25D5A89641E7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {C89AA67C-CDD6-4494-9B69-3BE5365F4860} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {F7AA8FFE-5A0D-4557-B306-7952B4D89861} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-04-22 21:45 - 2014-03-11 17:15 - 02021376 _____ () C:\Windows\system32\nxlsa.DLL
2014-04-22 21:45 - 2014-04-17 22:56 - 00842928 _____ () C:\Program Files (x86)\NoMachine\bin\libnxlp64.dll
2014-01-19 00:25 - 2011-03-01 00:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll
2013-07-11 20:57 - 2010-06-17 20:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2015-11-30 11:00 - 2015-11-30 11:00 - 39209984 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2016-08-31 09:19 - 2016-08-31 09:19 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-08-05 04:15 - 2012-08-05 04:15 - 00176640 _____ () C:\Program Files\KDiff3\diff_ext_for_kdiff3_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2016-01-11 00:16 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-03-25 00:17 - 2016-09-21 09:40 - 51272816 _____ () C:\Users\*****\AppData\Roaming\Spotify\libcef.dll
2016-01-11 00:16 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2016-01-11 00:16 - 2015-10-20 18:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-09-07 17:00 - 2015-09-07 17:00 - 00093568 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2015-09-07 17:00 - 2015-09-07 17:00 - 00143232 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2015-09-07 17:00 - 2015-09-07 17:00 - 00167296 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2015-09-07 17:02 - 2015-09-07 17:02 - 00212352 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2016-01-11 00:16 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-09-07 17:01 - 2015-09-07 17:01 - 00056704 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2015-09-07 17:01 - 2015-09-07 17:01 - 00237440 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2015-11-06 12:46 - 2015-11-06 12:46 - 02385280 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2015-12-22 13:12 - 2015-12-22 13:12 - 00463744 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Calendar.dll
2016-08-25 11:36 - 2016-08-24 17:49 - 01950392 _____ () C:\Users\*****\AppData\Local\Discord\app-0.0.296\ffmpeg.dll
2016-08-25 11:36 - 2016-08-25 11:36 - 01050296 _____ () \\?\C:\Users\*****\AppData\Roaming\discord\0.0.296\modules\discord_voice\discord_voice.node
2016-08-25 11:36 - 2016-08-25 11:36 - 03793080 _____ () \\?\C:\Users\*****\AppData\Roaming\discord\0.0.296\modules\discord_voice\libdiscord.dll
2016-08-25 11:36 - 2016-08-25 11:36 - 00894136 _____ () \\?\C:\Users\*****\AppData\Roaming\discord\0.0.296\modules\discord_utils\discord_utils.node
2015-12-13 20:07 - 2016-09-09 02:53 - 00035792 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-09-30 23:54 - 2016-09-09 02:53 - 00145864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-09-30 23:54 - 2016-09-09 02:54 - 00019408 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-09-30 23:54 - 2016-09-09 02:53 - 00116688 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 20:07 - 2016-09-09 02:53 - 00100296 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-19 09:30 - 2016-09-09 02:53 - 00018888 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 20:07 - 2016-09-30 19:44 - 00019760 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 20:07 - 2016-09-09 02:53 - 00694224 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00020816 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 20:07 - 2016-09-09 02:54 - 00123856 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 01682760 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00020808 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00105928 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 23:51 - 2016-09-30 19:44 - 00021312 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00052024 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00038696 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-09-30 23:54 - 2016-09-09 02:53 - 00392144 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-09-30 23:54 - 2016-09-09 02:55 - 00020936 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00024528 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00116176 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 20:07 - 2016-09-30 19:44 - 00381752 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00124880 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 23:51 - 2016-09-30 19:44 - 00025424 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00024016 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00175560 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00030160 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00043472 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00048592 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00057808 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00024016 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00246592 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00026456 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00028616 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-08-05 23:51 - 2016-09-09 02:54 - 00241104 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2015-12-13 20:07 - 2016-09-30 19:44 - 00023376 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-19 09:30 - 2016-09-30 19:44 - 00020800 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 09:30 - 2016-09-30 19:44 - 00019776 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-19 09:30 - 2016-09-30 19:44 - 00020800 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00020280 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 20:07 - 2016-09-09 02:55 - 00350152 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-19 09:30 - 2016-09-30 19:44 - 00022352 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00024392 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-09-30 23:54 - 2016-09-09 02:51 - 00036296 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\librsync.dll
2016-09-30 23:54 - 2016-09-30 19:43 - 00084280 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-09-30 23:54 - 2016-09-30 19:43 - 01826096 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 20:07 - 2016-09-09 02:54 - 00083912 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\sip.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00531248 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-09-30 23:54 - 2016-09-30 19:44 - 03928880 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 01972528 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00133424 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00224056 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00207672 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 23:51 - 2016-09-30 19:44 - 00020288 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2016-09-30 23:54 - 2016-09-09 02:58 - 00017864 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-09-30 23:54 - 2016-09-09 02:58 - 01631184 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-13 20:07 - 2016-09-09 02:55 - 00060880 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 23:51 - 2016-09-30 19:44 - 00024904 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00546096 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00357680 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00042808 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-09-30 23:54 - 2016-09-30 19:43 - 00168760 _____ () C:\Users\*****\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2015-03-25 00:17 - 2016-09-21 09:40 - 01765488 _____ () C:\Users\*****\AppData\Roaming\Spotify\libglesv2.dll
2015-03-25 00:17 - 2016-09-21 09:40 - 00088176 _____ () C:\Users\*****\AppData\Roaming\Spotify\libegl.dll
2016-08-25 11:36 - 2016-08-24 17:49 - 02230456 _____ () C:\Users\*****\AppData\Local\Discord\app-0.0.296\libglesv2.dll
2016-08-25 11:36 - 2016-08-24 17:49 - 00088760 _____ () C:\Users\*****\AppData\Local\Discord\app-0.0.296\libegl.dll
2016-10-06 20:52 - 2016-10-06 20:52 - 00170496 _____ () \\?\C:\Users\*****\AppData\Local\Temp\D854.tmp.node
2016-09-12 00:30 - 2016-09-12 00:30 - 02022072 _____ () \\?\C:\Users\*****\AppData\Roaming\discord\0.0.296\modules\discord_contact_import\discord_contact_import.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData:gs5sys [2816]
AlternateDataStreams: C:\Users\Admin:gs5sys [2560]
AlternateDataStreams: C:\Users\All Users:gs5sys [2816]
AlternateDataStreams: C:\Users\*****:gs5sys [3074]
AlternateDataStreams: C:\Users\Admin\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\Cookies:gs5sys [10242]
AlternateDataStreams: C:\Users\Admin\Lokale Einstellungen:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\Desktop\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Roaming:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local\Anwendungsdaten:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\AppData\Local\Verlauf:gs5sys [2560]
AlternateDataStreams: C:\Users\Admin\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys [2816]
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys [2816]
AlternateDataStreams: C:\ProgramData\Templates:gs5sys [2560]
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys [2560]
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys [2560]
AlternateDataStreams: C:\Users\*****\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Cookies:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Lokale Einstellungen:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Vorlagen:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Desktop\desktop.ini:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Roaming:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local\Anwendungsdaten:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\AppData\Local\Verlauf:gs5sys [3074]
AlternateDataStreams: C:\Users\*****\Documents\desktop.ini:gs5sys [3074]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2014-03-02 20:00 - 00000905 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 projektseite.local
127.0.0.1 cora.local
127.0.0.1 b2evo.local

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: ASGT => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nxdeviced => 2
MSCONFIG\Services: nxdisplay => 2
MSCONFIG\Services: nxfsd => 2
MSCONFIG\Services: nxservice => 2
MSCONFIG\Services: nxusbd => 2
MSCONFIG\Services: PDF Architect Helper Service => 2
MSCONFIG\Services: PDF Architect Service => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Avira Systray => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
MSCONFIG\startupreg: ContentTransferWMDetector.exe => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Spiele\Steam\steam.exe" -silent
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
         

Alt 07.10.2016, 07:57   #8
Esdeh
 

Addition.txt part 2:

Code:
ATTFilter
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{913EA09F-C6B9-4036-82BC-F4AE773305DD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{52D3EFEC-C3BF-4833-B8CE-F835E60605BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{E3812CEE-FCE1-46EA-8D44-1B808866D527}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{C77A2B49-ACD8-4C50-BA2D-BCEB5B8F132F}] => (Allow) C:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{837F1A5E-4F5F-4CC2-9EC9-AAC42F971CB5}] => (Allow) C:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{BC7BC1D0-AE99-48DD-ADAD-54020C24DC37}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [UDP Query User{21CE6A98-B864-4E95-AFF2-1C1942CE8A26}C:\program files (x86)\trillian\trillian.exe] => (Allow) C:\program files (x86)\trillian\trillian.exe
FirewallRules: [{59BDF9C2-1E9C-425F-8E6D-744694337588}] => (Allow) C:\Spiele\Steam\Steam.exe
FirewallRules: [{C2513CDE-8BFF-43F1-8C2F-1F2BEA9504B7}] => (Allow) C:\Spiele\Steam\Steam.exe
FirewallRules: [{A4D88CD0-60A6-4A45-8443-1397A5F5E083}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [{93EBC2A9-9C65-4AEE-B434-F5B4BA3CB192}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Launcher.exe
FirewallRules: [TCP Query User{5A1C2DAF-9C5E-48DE-BAF7-98463BFDF095}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{C9BFCCE4-323F-402F-9C7D-ADEFDE185499}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Allow) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [{D8FD1059-26CF-4745-9A14-C4AD20DFD06B}] => (Allow) C:\Spiele\Steam\SteamApps\common\Portal 2\bin\SDKLauncher.exe
FirewallRules: [{4215ACB6-AC88-4F64-9F39-E3B99A768814}] => (Allow) C:\Spiele\Steam\SteamApps\common\Portal 2\bin\SDKLauncher.exe
FirewallRules: [{3567AFDD-22A0-413A-A552-93A0235FD2DC}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{624FCCA2-091A-4946-BC82-DD5C013F2617}] => (Allow) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1A8330FF-83B1-4D2C-9D51-CC01A0E62437}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D59A1CA8-A8D7-4B5B-A918-0714B934B88F}C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\*****\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{27A309AD-B143-4D34-B48C-CE876F26B8F5}E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{C601371B-0CAD-4482-8BD4-0B395E91082D}E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{78F9B3A1-5C2D-490F-9BA4-F2F446FD2AD6}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{CF28949B-DB30-4133-A523-56C4818A670F}C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\spiele\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{90B4267E-112F-40C0-B8C0-A49AB69E0CBE}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Block) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [UDP Query User{87694C74-AE23-4E4B-9B27-3F51CC03B86A}C:\program files (x86)\trillian\plugins\skypekit.exe] => (Block) C:\program files (x86)\trillian\plugins\skypekit.exe
FirewallRules: [TCP Query User{6B90051D-FF7F-4D46-90C8-C5F8C25C5005}E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe
FirewallRules: [UDP Query User{BFDEA3DC-E70E-4684-A47F-D9660F861C52}E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\valvetestapp207490\rayman origins.exe
FirewallRules: [TCP Query User{BA0C2C05-A5EF-4780-A1D8-C0ACE8D511E0}E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [UDP Query User{455A2657-F8F4-423E-B312-9D7A3F926525}E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\antichamber\binaries\win32\udk.exe
FirewallRules: [TCP Query User{F882F4E6-F494-4560-B03D-2F48BD65FE42}E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe
FirewallRules: [UDP Query User{D2DC151B-8A4B-46AC-B8E7-AD9C8C7101C6}E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\dear esther\dearesther.exe
FirewallRules: [TCP Query User{4B1B60C0-BC15-44D9-9F83-E88F6A111512}E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [UDP Query User{3C1D642A-2796-413D-852C-5463A5C9AF89}E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\burnout(tm) paradise the ultimate box\burnoutparadise.exe
FirewallRules: [TCP Query User{1B54DD88-C118-43D1-A0AD-F1ED39141FA7}C:\program files (x86)\hydrairc\hydrairc.exe] => (Allow) C:\program files (x86)\hydrairc\hydrairc.exe
FirewallRules: [UDP Query User{CB66F927-4EA1-4426-95EC-31652F981DD4}C:\program files (x86)\hydrairc\hydrairc.exe] => (Allow) C:\program files (x86)\hydrairc\hydrairc.exe
FirewallRules: [{FAF5183B-115E-4E12-9849-82A1C29F0C8A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{646CE85F-E838-4321-8A2E-EE41DFEBA6E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\thomaswasalone\ThomasWasAlone.exe
FirewallRules: [{9F25B983-F854-4231-AA10-FE17F18FBF72}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{92CB288F-A39E-4B0A-86D4-E95E138E11CC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CE942D33-993C-4057-855B-FA7A545B7E90}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{3AAB6EFD-127B-4FD8-8636-36611EBCD338}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{2CC65AD1-F124-4B1A-8686-8485AE1B35A7}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{4A47387B-2D26-4BFC-8189-529DAC152C31}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{A142EE0F-F4C5-4F86-B2B6-C130BF42CEF1}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{03EEF162-7678-4CD9-BDB5-832618E73D2A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F7685AD5-74CF-45EF-A272-5C4FE2433642}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{2F8CD9D6-1798-4D6F-9EF9-BBB611973D47}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\aamfp.exe
FirewallRules: [{3A569029-D481-46D3-8028-5D375EA1B8E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [{6F0A9D97-5472-404D-A325-1D1980A803E9}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Machine for Pigs\Launcher.exe
FirewallRules: [TCP Query User{C1BD52CF-6313-4B1B-A886-546E626B619A}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [UDP Query User{6B1EB537-A0C0-494F-B56C-51E9443BD977}C:\program files\adiirc\adiirc.exe] => (Allow) C:\program files\adiirc\adiirc.exe
FirewallRules: [{4BD346BF-7898-45AA-AE43-38898D7A32B6}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{22E6E482-7267-46D5-8391-51157A2C17B4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{CF7AB021-BE79-40AF-A2ED-F637B15AAB53}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{CF00B8CD-B2C4-4F8D-898C-EDFE90AC5417}] => (Allow) C:\Spiele\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{70BAE63B-A2B7-4010-9049-32ED5BC4B8C2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{BF27871B-0980-4AD4-B1A3-CF783D2B0846}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{729151E5-445A-4AB6-B961-CF5B3B93E3E6}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{87505833-592A-416C-8BB1-641D769C8DB7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F73004CC-D25A-4719-9380-BCD9FFF056DA}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [{7BFCADE5-BD70-4874-B6E7-E826838CB08D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Natural Selection 2\NS2.exe
FirewallRules: [TCP Query User{95DBA6E8-90A9-4C3A-AB4D-3598EE2FAEFD}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [UDP Query User{478AF601-49CF-43F2-B3CA-7C75C37BCD6F}C:\program files (x86)\yworks\yed\yed.exe] => (Allow) C:\program files (x86)\yworks\yed\yed.exe
FirewallRules: [{BA025453-6F4F-43A9-8F18-EFDF65F5FA4C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4A7BFB5B-B99E-4672-A614-A6380906FCA7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8741E88E-6258-4E00-B183-4EEEDD868D7A}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{CEE0B207-C8A2-4C77-87C5-F28B68E57C74}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D56B4A18-503A-4530-8AEA-A62F2388597D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{62F73F16-5787-45EC-91D6-2FA612AB0C1E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C1063AE7-1C02-48D6-A39E-602E95A35B6D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3805D972-BF06-459C-88CB-BF83BBD05B09}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{136751A1-8487-45A7-8018-9ED42C4E56CB}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{54AD0F2C-349C-45AE-99B1-17E9F24BFA14}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Monaco\MONACO.exe
FirewallRules: [{013094E7-E1FA-43B1-A2B2-D742F1B71105}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{C2A861ED-1FA2-48D4-8FF5-A94B52369C83}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{15C48D5A-4610-476A-9057-83FA24D783C4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{D9679C64-F9B7-45A2-981C-90A376D732D8}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{481C13F1-F009-4CAB-AD9E-6BFB3B043E84}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0ABA4838-CC6A-4D4A-A963-A6AE0FFCECF3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5A1C1792-6AF7-43D5-9B9E-4FBDB54B6083}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{DBD7E0F1-43EA-4953-A9DE-F0AB0AF2AEE1}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{994F9B24-919A-49A6-9BE6-B9543B918B4D}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{DB57BE9B-76B4-4578-82A5-9092D390837C}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [TCP Query User{AC6C8BCA-0B99-4D98-8E68-2E133B1512AE}E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe] => (Allow) E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe
FirewallRules: [UDP Query User{F9D23EFF-BE73-4FB4-90BF-116641E807A4}E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe] => (Allow) E:\spiele\blobfoot_win_beta5_062\blobfoot_win_beta5_062.exe
FirewallRules: [{AA42FEF5-F79C-4663-89B4-1E564B8D91F5}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E33D8219-CC6C-4CFB-A3C0-E789647AB966}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{F56181CE-4733-4862-B374-73D0DFE71874}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{2627938C-A7E0-44F0-9944-61E4B3D6549F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [TCP Query User{C7E880B6-F8F5-4E03-ADDB-443A1F08ADAA}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{B013AAB1-BAAE-4C1F-90A9-0D1AAC2794B8}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{0534BE8D-8263-48D4-A823-A5895598E90E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{34DA5641-320E-4A15-8365-200BA025CE7C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{8999B39C-FBEF-4876-AC71-1A8806A0E511}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{93AFDD18-2C28-4873-82EE-E91A359D9C6B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{99E07D64-64CC-486B-93F4-CADCDC2D74BF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{0E87591F-F032-4E99-8089-C9C1D40D7BD7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6752D8D1-9A32-4AAB-9208-5792FC701BF6}] => (Allow) F:\SteamLibrary\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{69ADA91C-EB59-460E-8E4D-095CD5657BA5}] => (Allow) F:\SteamLibrary\SteamApps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{39CF318D-3EE5-4794-873A-2E26008B3D91}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{E517F2A4-5F34-4F8D-94DD-A340501C00DD}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxplayer.bin
FirewallRules: [{0386E8A1-A43F-4699-B64E-8A3A26BCC3D7}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{C1BA06CF-A93A-41A6-A7BE-247983C6E607}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxd.exe
FirewallRules: [{8C0DF878-9414-4A6F-A7BE-F45BBDB8941C}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{6A272E32-F202-4F60-8142-DF9F848DD8A3}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxserver.bin
FirewallRules: [{26757D79-F38F-4B25-BA11-017AB7D2C4CC}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{08D4449C-901B-48C6-9462-F7AAB0B1FE90}] => (Allow) C:\Program Files (x86)\NoMachine\bin\nxclient.bin
FirewallRules: [{795A9F61-589B-4892-9D9B-2F9072E92212}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{0C857779-42D2-4A47-AFB8-BDE82E61F652}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{D25A4447-81F4-4D8C-8546-795F0242C078}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{7BA6AA77-A1F8-48CD-9DCF-62A7E29CDC31}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{2E5994DF-8766-4708-B3C9-6A5B7DEA4616}] => (Allow) F:\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{440FF3AA-9717-4A73-A49A-E481346E4545}] => (Allow) F:\SteamLibrary\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{4A8C4A51-F292-4E6B-8C8E-1D987529068D}] => (Allow) F:\SteamLibrary\SteamApps\common\Cave Story+\CaveStory+.exe
FirewallRules: [{A983A977-2689-42A0-9F00-D4045FF6066D}] => (Allow) F:\SteamLibrary\SteamApps\common\Cave Story+\CaveStory+.exe
FirewallRules: [{C4C903C1-9983-466B-AF69-82E8388DAF52}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{EE484040-4604-451A-BFBE-49E66469D215}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [TCP Query User{BDF37AD9-76BC-4E83-AEB8-E4FD798CB5E6}F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{392CEBD0-AFB7-4291-9265-F5FE4A36A77A}F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) F:\steamlibrary\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{B1360897-6ABD-46C2-88C1-C05223F4698A}] => (Allow) C:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{243ECBA7-D523-4632-A0F1-3C1726BA2FDD}] => (Allow) C:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{1CFF0BB9-657E-40D2-A200-25863BBBD988}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{5C48A613-8F3B-428B-AC4B-955E31C09BFB}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\Hammerwatch.exe
FirewallRules: [{F291F40E-D3BD-406A-AD1A-1C88305A9643}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{DDA9364F-8EE8-4DEB-A312-0C4833D43E34}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{57A8927C-AF16-4B1D-8F43-67B95DDC5E03}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{162F8149-1632-4758-A08F-DAFAA400982E}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3E59B22D-9FCC-42CF-80B3-E81C783EEC26}C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe
FirewallRules: [UDP Query User{D3516378-C852-486F-864D-E44604287F43}C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\bin\idea.exe
FirewallRules: [TCP Query User{A500C0F2-9CA7-488E-B4CC-024D6C178A32}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F1679260-2759-4469-90A2-CA16BA9066E9}C:\users\*****\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\*****\appdata\roaming\spotify\spotify.exe
FirewallRules: [{329FD1BF-38D6-49C7-94E3-FC68DCF2283D}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{046F0309-A1B6-4B20-AC4F-B432220A82CF}] => (Allow) C:\Spiele\Steam\SteamApps\common\Amnesia The Dark Descent\Amnesia.exe
FirewallRules: [{02359FED-BDAC-4F87-951B-AFE6824063BF}] => (Allow) X:\SteamLibrary\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{C063AAC6-89B4-40D5-8384-9D1B61AA1B62}] => (Allow) X:\SteamLibrary\SteamApps\common\Botanicula\Botanicula.exe
FirewallRules: [{23D18C1E-51BD-40C7-B2BE-795CA203ACE8}] => (Allow) F:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{57D61D74-F03E-4AA1-8F47-0C681283C546}] => (Allow) F:\SteamLibrary\SteamApps\common\ContraptionMaker\ContraptionMaker.exe
FirewallRules: [{907D1932-C309-486A-AAF1-2A17485F8DAE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{25AAD803-93DF-4126-814E-FAAFFFBD1A1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F89EA41B-F629-46B6-923B-55CA96155CE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8E524B29-E6F8-430A-8D2D-60531FDA7C1E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{267F1AED-CE90-4EF9-8950-5E590343C0A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0FA8D5D-6AB6-4E55-9127-4EB344BDEDEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{706BB41C-36F0-4B48-8C32-87C68D761347}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{54B79181-DCED-45A4-BA5D-11E2B38CF0DD}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82E15A94-99B5-40A6-9892-1D47BC2D93C6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{E6D07A11-1AD0-4DD9-821B-3713064661A2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{6271E855-CD0A-4D25-B2B3-AE320709388A}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [UDP Query User{A4790E8C-31EF-405C-B776-78F583C3C300}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [TCP Query User{20923AF4-95AA-4CB3-82C3-391D1BAC6D0A}C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{F5F35E7F-4643-4991-A0CD-1C6DEBFD57B9}C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea 14.0.3\jre\jre\bin\java.exe
FirewallRules: [{E931D63F-700D-401A-BF75-80E31B5110F2}] => (Allow) F:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{568805CB-C091-40DB-B7C7-740CE882DE44}] => (Allow) F:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{4953A5EC-28B6-414C-A5EE-48AA2E59D8A3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{1FB92DDD-1A17-4092-9791-51A0148E5AFC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{52079336-B953-46FA-8009-F449F92FE754}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CB51D4C0-E746-42AC-AE8A-64CDC71B0293}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{AAE8DBD3-20D3-4F80-9432-936FC4B51886}] => (Allow) C:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{47C815B0-38CE-48D1-BDAE-B3F8098857EF}] => (Allow) C:\Spiele\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{CB90669A-3E8C-4460-818D-B450E9D9239C}] => (Allow) LPort=51111
FirewallRules: [{3A43AB23-54D8-4585-A615-14E5812FF550}] => (Allow) LPort=51112
FirewallRules: [{7ED31D5F-980C-4B5C-BA44-35A698B5BD78}] => (Allow) LPort=51113
FirewallRules: [{370C4CCC-7C94-4711-BE77-6E42E439FF4A}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [TCP Query User{218FF7BA-A9FC-4F74-9D15-C74FC35ECA8D}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{C1AF5D81-4B32-48E2-8DAD-47E8BB377E65}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{8A0F709D-BBFE-4CBA-B427-EB67C018DD5B}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{2E89761E-11AB-4AD3-BAF7-1C8E8469A0B6}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{3BA572C3-D480-4567-A6B4-78AF74E31066}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [UDP Query User{7E0CA21E-FEF8-492F-904B-32492C48AE95}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [TCP Query User{4763A6D3-7BC9-4E51-A20A-3FC07AA73BF2}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{2ADFC50E-B165-4CC7-ACE2-22FC021B73DE}C:\program files\unity\editor\unity.exe] => (Block) C:\program files\unity\editor\unity.exe
FirewallRules: [TCP Query User{ECE15888-B211-4338-98B2-147FE6DB1692}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [UDP Query User{E6F847B9-5A23-43E2-A4D3-702043E5004D}C:\program files\unity\monodevelop\bin\monodevelop.exe] => (Allow) C:\program files\unity\monodevelop\bin\monodevelop.exe
FirewallRules: [{F0EB94B5-0BA8-4FB1-BFDB-5C85719CB196}] => (Allow) F:\SteamLibrary\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{D79B0D0A-E056-4782-B898-FCF3D11CBD91}] => (Allow) F:\SteamLibrary\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{154A2C36-0D88-44E1-9C5C-39DB3E258B77}] => (Allow) F:\SteamLibrary\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{6D5CF0FE-DB7C-4E89-9C4F-419DEEBBCE4B}] => (Allow) F:\SteamLibrary\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{97BDFA50-5C60-47F8-B583-B6A363BAC053}] => (Allow) F:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{B7075708-6AB5-4948-BB08-32B8328A0614}] => (Allow) F:\SteamLibrary\SteamApps\common\Braid\braid.exe
FirewallRules: [{1C7568D5-6AC2-4101-8A40-4AC3A029D280}] => (Allow) F:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{B1EF5BBA-97D8-4426-869A-5DC9899DAFDA}] => (Allow) F:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{5389A560-1AEB-43D0-A1F1-62645155D6E2}] => (Allow) F:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{877C223B-6E06-4035-9EBF-636BC4715FAD}] => (Allow) F:\SteamLibrary\SteamApps\common\DefenseGridTheAwakening\DefenseGrid.exe
FirewallRules: [{18A2A84C-1375-410F-A175-D78822811FB6}] => (Allow) F:\SteamLibrary\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{089AE974-EBCA-488C-8206-BC1A93A32988}] => (Allow) F:\SteamLibrary\SteamApps\common\Rollercoaster Tycoon 2\rct2.exe
FirewallRules: [{0AB08A57-B217-40F1-81C8-D3B35FC031E3}] => (Allow) F:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{A9FDDA4A-EDC5-4D67-97B7-DD7F66B9A8D2}] => (Allow) F:\SteamLibrary\SteamApps\common\bittriprunner2\runner2.exe
FirewallRules: [{7926EB1B-F4B1-4F16-B69C-97C61B0949A7}] => (Allow) F:\SteamLibrary\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{4626021F-F716-4C23-ADF7-2AE930A57190}] => (Allow) F:\SteamLibrary\SteamApps\common\Sanctum\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{8F478A4A-1830-494E-A5A7-10B546307DF8}] => (Allow) F:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{54DD7409-E943-4E0E-BCBB-7714CD829644}] => (Allow) F:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{6056A799-00A4-4B32-874E-78805D9F1073}] => (Allow) F:\SteamLibrary\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{06AE9CA2-D70C-4F6D-9DA0-BAB1B9BFD048}] => (Allow) F:\SteamLibrary\SteamApps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{B8D601F3-8119-4F62-8BAE-408C4E400E31}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{0073F1D4-5C3F-4359-8AE7-39D5E02C3D44}] => (Allow) F:\SteamLibrary\SteamApps\common\Worms Reloaded\WormsReloaded.exe
FirewallRules: [{F613555C-2B96-4588-90B3-A1C8A6BD48B5}] => (Allow) F:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{14501F36-BFAD-4BC9-A581-0403D833F8D2}] => (Allow) F:\SteamLibrary\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [TCP Query User{D6C858DE-D7D7-404F-A156-8896EF989F7D}F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{52032D73-986A-4129-A689-274F4BB28893}F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{258A6AC4-753D-4500-ADD8-64ADF8C0041E}] => (Allow) F:\SteamLibrary\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [{22678424-3BA7-4074-B309-8AE62D3E8A88}] => (Allow) F:\SteamLibrary\SteamApps\common\SpecOps_TheLine\Binaries\Win32\SpecOpsTheLine.exe
FirewallRules: [TCP Query User{F31BBA51-F4C7-4F4F-82CA-6B623495DBDC}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{E6FD1C07-A317-456A-A53D-A38D8AF9BD92}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{BD3C07F9-DA96-4811-9F4C-6C37BE335486}] => (Allow) F:\SteamLibrary\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{A86AC72E-5745-4A32-9697-9BD4AD2FFAE7}] => (Allow) F:\SteamLibrary\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [TCP Query User{597E66CD-B470-4490-8DB5-3B4056C2606D}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{5CDBEA7F-A276-48A0-80B9-A5FE2BADEFF2}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [TCP Query User{DEBD08D1-55D8-4726-A0A2-5C8E6AEA30BC}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [UDP Query User{A090CD29-F2C9-4C60-9D1F-1D485C2EF8C8}C:\program files (x86)\mediamonkey\mediamonkey.exe] => (Block) C:\program files (x86)\mediamonkey\mediamonkey.exe
FirewallRules: [{195813BB-A7BB-42F3-B73E-C0FBAB4C90D0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{6AE0B17F-EDDB-4F11-8660-5FDFBB3491FA}C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [UDP Query User{8F26B647-FC28-4B98-BECA-DD50116CF087}C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base38749\sc2_x64.exe
FirewallRules: [{57D04A1E-5B80-4883-8C10-FD6AA1C7ABB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3002787-D632-4194-898F-7923209B31B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B904509D-594E-4A28-BBB6-0B39014E0262}] => (Allow) F:\SteamLibrary\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{67762113-DC1D-47B0-8117-38DBECDAE920}] => (Allow) F:\SteamLibrary\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [TCP Query User{85D4392C-B210-4CDE-899A-135870E855C9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [UDP Query User{FE16BA46-2421-4A5E-BB36-F1591FA6BFE9}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe
FirewallRules: [TCP Query User{F33AE8C6-7DA1-4E6F-BFA9-9AE8472CFD7F}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [UDP Query User{1A70AD41-5BE6-4E13-AE0C-175D1470BAC4}C:\program files\java\jdk1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\java.exe
FirewallRules: [{3F4BA33B-3149-429B-AA5C-D8E050EC0D8A}] => (Allow) F:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{8F48A799-ED60-409D-B9A1-034A44A8203F}] => (Allow) F:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{4F9277AD-87DF-4B0A-B16E-183A181D2814}] => (Allow) F:\SteamLibrary\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{815CCF6B-B6E4-40A7-9685-68DFE4CB5A95}] => (Allow) F:\SteamLibrary\SteamApps\common\MiniMetro\MiniMetro.exe
FirewallRules: [{2A294525-E104-4CA4-80D3-086F890EC6E8}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{F956C50D-8879-4B4F-A9CE-3DC6DEBC9938}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\recettear.exe
FirewallRules: [{48D1266F-A3B0-49FD-B44A-46D6527B776C}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\custom.exe
FirewallRules: [{0717B3BE-8B7A-4019-B566-D73E631DDC23}] => (Allow) F:\SteamLibrary\SteamApps\common\Recettear\custom.exe
FirewallRules: [TCP Query User{0CC31510-3119-436F-9F21-170B5B9FD3EA}C:\eclipse\eclipse.exe] => (Allow) C:\eclipse\eclipse.exe
FirewallRules: [UDP Query User{73FBCBCF-6925-48D2-A025-01852325F2C3}C:\eclipse\eclipse.exe] => (Allow) C:\eclipse\eclipse.exe
FirewallRules: [TCP Query User{07666A3F-200B-42FB-8FDB-0C4223BEA7A9}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{650B0860-D53E-4E05-B9BB-BB3EE58F7977}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{A26C3F07-642D-4B5E-AB66-7E4D79C93B96}] => (Allow) F:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{076486F1-590D-4466-A91F-7D362CCBA66D}] => (Allow) F:\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{F50E48A3-566E-45B0-93B2-E35F57CFEFA5}] => (Allow) LPort=80
FirewallRules: [TCP Query User{3325E59B-A1D6-4DF5-AF06-AB96A690F29B}C:\program files\java\jdk1.8.0_66\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\jre\bin\java.exe
FirewallRules: [UDP Query User{139F7BAC-571D-477C-B969-725623D63DD1}C:\program files\java\jdk1.8.0_66\jre\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_66\jre\bin\java.exe
FirewallRules: [TCP Query User{A1A7B5F7-4537-4D5C-A802-683B08592ABB}C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{352B2487-67FF-4234-B862-28C872F4184F}C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\intellij idea community edition 14.0\jre\jre\bin\java.exe
FirewallRules: [{4234AB85-DD17-4463-8CDF-D30A73F83D20}] => (Allow) LPort=3306
FirewallRules: [{CA1FD9B0-CC2C-4E76-AFB7-9B0299A5776F}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{DEF64EE1-A119-4940-AD21-9ECDC3492712}C:\program files\java\jdk1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{8B52A385-FD77-4333-999D-6FA9CFC97C79}C:\program files\java\jdk1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_66\bin\javaw.exe
FirewallRules: [{1E2F7EF2-9064-44F8-83FA-554FF4184B54}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{8530F152-4038-4276-B319-93C203136A77}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{1A1C179D-3741-48AA-82B7-999DABAD2B7B}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{BB031907-0016-4902-96D2-F6DE244F9D15}] => (Allow) F:\SteamLibrary\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{017C3265-B432-4F03-B409-828E77ADB710}] => (Allow) F:\SteamLibrary\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{AF647D69-61E7-4B9F-8B41-AF215343EE9C}] => (Allow) F:\SteamLibrary\SteamApps\common\grid 2\grid2.exe
FirewallRules: [TCP Query User{2FE1947D-955B-4D71-923C-19B4C20D1C6B}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Block) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [UDP Query User{4D4B3991-0DD9-4919-850C-05721B91E5DE}C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe] => (Block) C:\program files (x86)\intellij idea 14.0.3\bin\idea.exe
FirewallRules: [TCP Query User{B61115D8-FA02-4CB8-9820-91056A4A11F3}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{2CE04704-D6C3-4E44-B262-01DF63F1151E}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\jre\jre\bin\java.exe
FirewallRules: [TCP Query User{44F8D3E7-68F9-4072-8D2D-C385E5397712}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe
FirewallRules: [UDP Query User{79ADB7D7-4833-48CB-9CEE-2A628378F62F}C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 15.0.4\bin\idea.exe
FirewallRules: [{A9D14FBF-7F60-4561-A5B9-BBBDE907EA9D}] => (Allow) F:\SteamLibrary\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{07103AE6-C3B9-4AC9-95FA-56B38C6077D8}] => (Allow) F:\SteamLibrary\SteamApps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{A4BEC57E-F037-4726-AB8A-9DF4BB50D095}] => (Allow) F:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{118D49D8-3CC2-483B-B0EC-48850A2932A5}] => (Allow) F:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{39A50C85-DC71-4B5B-9330-A4C11437AA62}C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{0BC26DD4-8390-46F3-B785-78CAD1210B3B}C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [TCP Query User{D8937320-307D-4ACF-A04A-2FE1E579AD57}E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{43D36CA6-FBF9-4726-84F9-00A1E55D2AF2}E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) E:\spiele\steamlibrary\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{FA5947C6-8AF0-48D1-98C9-ABBB59A2C1F2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Risk Factions\Risk Factions.exe
FirewallRules: [{4AACDCD3-4318-4EEC-A570-3C5F3DE31BF7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Risk Factions\Risk Factions.exe
FirewallRules: [{CB09CAC4-3EBF-4F7A-AAF5-055A1CDF43B5}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{3D505FC0-1CE4-437F-9C34-38D7757ED90D}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{7FC35523-AAA6-4F75-A8E5-40F0563B8F77}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{0AB3D4B6-430E-47D2-BF45-6BE766155C5B}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{F2839F5C-8158-4554-AE41-5FFE5215CB9C}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{F51EFC3B-E23A-47C1-A62F-8DDE27369618}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\The Crew\TheCrew.exe
FirewallRules: [{822E5BED-2992-49D7-A8BE-D77D9F25131D}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{52056B39-4299-4AB5-8B5F-CB94602ABF6A}] => (Allow) F:\SteamLibrary\SteamApps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{42DAC985-9D34-4335-804E-4214D30E8AD2}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{57293408-06A2-4EB6-89E5-B8FB16042D19}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{E48A77E3-B6D6-4A0B-8826-C5A619682FBF}] => (Allow) F:\SteamLibrary\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{21DA0E81-372E-4927-992F-99497232924B}] => (Allow) F:\SteamLibrary\SteamApps\common\Football Manager 2016\fm.exe
FirewallRules: [{0CC8DCA7-94F6-4DB8-B75D-4942A37B08DF}] => (Allow) F:\SteamLibrary\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [{5DBA402A-9174-486A-8DD4-5EB135649CDC}] => (Allow) F:\SteamLibrary\SteamApps\common\TowerFall\TowerFall.exe
FirewallRules: [TCP Query User{4539EC60-3F2C-4647-A36A-26A96A235ACE}C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [UDP Query User{69A14C14-E07E-4D5C-806C-C83C86E48C2C}C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe] => (Allow) C:\spiele\starcraft ii\versions\base42932\sc2_x64.exe
FirewallRules: [{A7F75C4D-3D5D-405F-A73D-D05AF7118A37}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{161F2093-4E45-415C-A4C5-FFC97E842C59}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{178CD577-8A24-41B1-B033-585CAE32E6DC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TTR World Tour\TTRWorldTour.exe
FirewallRules: [{72157719-2726-484C-BF4E-01FE226174F7}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\TTR World Tour\TTRWorldTour.exe
FirewallRules: [{34A055E3-70D2-440E-9278-5B0A63D996E4}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\DefenseGrid2\DefenseGrid2_Release.exe
FirewallRules: [{3E420153-E622-4A0C-912C-ECA9616562EC}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\DefenseGrid2\DefenseGrid2_Release.exe
FirewallRules: [{998CF2A3-C1D1-4BE0-837C-F86E00A4128F}] => (Allow) F:\SteamLibrary\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{01C8BE94-A884-4F2E-843C-88A4A7AE7D25}] => (Allow) F:\SteamLibrary\SteamApps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe
FirewallRules: [{8BD1AE6C-8FEF-4A1C-BFBF-1E3D08230FD8}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{A5F4FE2F-492E-4432-B81D-4146DC6B4737}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Rust\Rust.exe
FirewallRules: [{2A9C0F1A-BDDC-48D2-98B5-2C5F46FE028F}] => (Allow) F:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{9F9EF967-AF0F-4B03-BAFF-178AA9FA0732}] => (Allow) F:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{C88674DC-0FFF-4E35-A593-40B5A3732CCD}] => (Allow) C:\Spiele\Steam\SteamApps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{1536C4F1-4452-44B3-9ABE-85EE087CE25A}] => (Allow) C:\Spiele\Steam\SteamApps\common\Octodad Dadliest Catch\OctodadDadliestCatch.exe
FirewallRules: [{AE89047B-273E-433E-B30A-3D8602E32279}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{2C6570A9-9B8D-483A-98B3-EF36D127A820}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [TCP Query User{FBD14A0F-FA9D-423F-A50B-9D5C89EF9699}C:\program files\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [UDP Query User{3A88C660-D9B1-4FC7-8A63-82D082B0A8C5}C:\program files\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\java.exe
FirewallRules: [TCP Query User{72B673DE-7501-4ACE-B306-F8A44BD1A57D}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe
FirewallRules: [UDP Query User{A9397B70-92DC-4622-A933-2FBB29801EA7}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\jre\jre\bin\java.exe
FirewallRules: [TCP Query User{6FBE4641-6387-4E31-ADD9-D52BE49845E7}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe
FirewallRules: [UDP Query User{EB5758CB-4A16-4880-98A3-CE992EDC57B2}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea.exe
FirewallRules: [{E0D967FA-B3E8-4EB9-B783-CCE068466BF0}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{77B08F48-E247-401F-83E7-317375DF3253}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{1F6FC122-3CEB-43B5-8132-EED9D952C84C}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{4D2C529A-ABAB-4C92-8EB8-A5C9678B527E}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Factorio\bin\x64\factorio.exe
FirewallRules: [{AB45CB48-733A-4133-B3FD-2CD444986FBC}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{533453D8-7D00-48CE-A26F-127F50D0D47C}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Guacamelee\Guac.exe
FirewallRules: [{2015F1F3-AFDA-4076-B6DC-D01775126A88}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{613A814B-1D8A-4F0C-9959-AAFA8B21EC50}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{28D3A69F-089E-4394-BF2F-17B3926E5D19}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AD1422A5-288A-4D95-9FF1-9894622BF11F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5DD2D3EC-DD96-49DB-B0A3-AFEFB4471E08}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{4E41A708-1BDF-41A4-905F-75795748F175}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{768D5456-4330-41EB-8DCC-98CB4BD7B9D9}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{C2058895-58DF-430D-8A59-BA8B2AF78650}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [TCP Query User{47E23CC6-991A-4B36-9578-AD0E5851A97F}H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [UDP Query User{BFF0D594-4C54-4C4E-BC59-A823F41AE41C}H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\portal 2\portal2.exe
FirewallRules: [{E6DC424F-05EE-484A-8BC3-5ECA846F2E9D}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{13486099-DF8F-4FEC-B5C0-9AFD88510963}] => (Allow) H:\Spiele\SteamLibrary\steamapps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{3DEAC2F4-7731-44AE-AB0E-7DEC9F0E40AE}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [{627742C2-E558-4C90-8313-3E9B431BE93E}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\pCars\pCARS64.exe
FirewallRules: [TCP Query User{5D3E8616-DD9E-466C-96A6-99F50C6994FB}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe
FirewallRules: [UDP Query User{55957212-E064-43DF-AB1A-28048A0FD195}C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe] => (Allow) C:\program files (x86)\jetbrains\intellij idea community edition 2016.2.2\bin\idea64.exe
FirewallRules: [{1B1705E2-E02E-46B2-842A-40CBAC287A89}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2017 Demo\PES2017.exe
FirewallRules: [{C0E65387-0D6E-434C-99CC-A633A2372351}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Pro Evolution Soccer 2017 Demo\PES2017.exe
FirewallRules: [{0E6C290E-4A31-4869-9E96-CDBF85AE9B2D}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{F3597AEB-573C-40A1-95CD-A27E64F6C6A1}] => (Allow) C:\PROGRA~1\Unity\Editor\Unity.exe
FirewallRules: [{8434CAA0-32B7-4986-97C9-A623E2710748}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{F3B00430-C5D3-4514-95AD-D00302583536}H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{50ADD2E0-A58A-4224-AA5A-A9A42C1BF724}H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\team fortress 2\hl2.exe
FirewallRules: [{4D45604D-64E7-4083-8B85-0AEFBCF005D1}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Parkitect\Parkitect.exe
FirewallRules: [{E7C99D4A-13C8-4060-A200-20F161308972}] => (Allow) E:\Spiele\SteamLibrary\SteamApps\common\Parkitect\Parkitect.exe
FirewallRules: [TCP Query User{4A6329A3-4781-4DDA-99C4-724FB245B2D8}H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{CEBF3A6C-DAF6-4E2D-AAAC-035D29B1DAB5}H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) H:\spiele\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{CD923910-C114-4C5F-9CCD-665A813B03D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{13D1015E-9882-4340-AC54-AF40190ABC5E}] => (Allow) F:\SteamLibrary\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{D782A19C-7BCD-4A59-9FEB-8E6557562B3E}] => (Allow) F:\SteamLibrary\SteamApps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{C8D9D6D1-578D-471A-A628-7E1BF0F5F08B}] => (Allow) F:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{77100F5D-C54F-4F95-B635-58DA07F4B898}] => (Allow) F:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/06/2016 08:51:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/06/2016 04:37:00 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (10/05/2016 07:26:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/05/2016 07:18:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/04/2016 07:07:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/03/2016 06:02:54 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\WinZip\adxloader.dll.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files\WinZip\adxloader.dll.Manifest" in Zeile 2.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (10/03/2016 12:15:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2016 12:39:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/02/2016 12:41:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/01/2016 08:11:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (10/06/2016 08:51:46 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (10/04/2016 07:07:19 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (09/30/2016 10:39:42 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 08:48:54 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 06:54:13 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (09/28/2016 01:14:27 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (09/27/2016 08:24:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:24:40 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:10:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (09/27/2016 08:10:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 V2 @ 3.30GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 16342.18 MB
Verfügbarer physikalischer RAM: 12324.86 MB
Summe virtueller Speicher: 32682.55 MB
Verfügbarer virtueller Speicher: 28583.59 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:185.45 GB) (Free:2.92 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Medien) (Fixed) (Total:390.62 GB) (Free:62.59 GB) NTFS
Drive f: (Daten) (Fixed) (Total:390.62 GB) (Free:22.56 GB) NTFS
Drive g: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive h: (Solid State) (Fixed) (Total:465.76 GB) (Free:19.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E6F1DA76)
Partition 1: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=390.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 01F12452)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 232.9 GB) (Disk ID: 542104B6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=185.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=47.3 GB) - (Type=05)

==================== Ende von Addition.txt ============================
         
I ran another full scan with Avira and got 3 HEUR/APC detections. I rather assume these are false positives, though.

Avira system scan log:

Code:

Free Antivirus
Erstellungsdatum der Reportdatei: Donnerstag, 6. Oktober 2016  21:07


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : Admin
Computername   : STV-DESKTOP

Versionsinformationen:
build.dat      : 15.0.20.59     91997 Bytes  25.08.2016 16:12:00
AVSCAN.EXE     : 15.0.20.59   1272416 Bytes  11.09.2016 22:39:30
AVSCANRC.DLL   : 15.0.20.47     66256 Bytes  11.09.2016 22:39:30
LUKE.DLL       : 15.0.20.47     70376 Bytes  11.09.2016 22:39:36
AVSCPLR.DLL    : 15.0.20.59    134272 Bytes  11.09.2016 22:39:31
REPAIR.DLL     : 15.0.20.58    686352 Bytes  11.09.2016 22:39:30
repair.rdf     : 1.0.20.56    1783604 Bytes  04.10.2016 17:16:34
AVREG.DLL      : 15.0.20.47    352656 Bytes  11.09.2016 22:39:30
avlode.dll     : 15.0.20.55    735304 Bytes  11.09.2016 22:39:29
avlode.rdf     : 14.0.5.44     101841 Bytes  01.08.2016 02:36:50
XBV00005.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00006.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00007.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00008.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00009.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00010.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00011.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00012.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00013.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:15
XBV00014.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:16
XBV00015.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:16
XBV00016.VDF   : 8.12.107.34     2048 Bytes  27.07.2016 02:37:16
Engineversion  : 8.3.40.202
AEBB.DLL       : 8.1.3.0        59296 Bytes  19.11.2015 13:51:00
AECORE.DLL     : 8.3.12.4      247720 Bytes  21.03.2016 11:57:35
AECRYPTO.DLL   : 8.2.0.2       128936 Bytes  15.05.2016 21:16:04
AEDROID.DLL    : 8.4.3.380    2726768 Bytes  27.09.2016 11:47:07
AEEMU.DLL      : 8.1.3.8       404328 Bytes  18.03.2016 13:00:40
AEEXP.DLL      : 8.4.2.202     309160 Bytes  05.08.2016 15:17:00
AEGEN.DLL      : 8.1.8.198     595880 Bytes  04.10.2016 17:16:34
AEHELP.DLL     : 8.3.2.10      284584 Bytes  15.02.2016 18:08:15
AEHEUR.DLL     : 8.1.4.2512  10565544 Bytes  30.09.2016 13:09:33
AELIBINF.DLL   : 8.2.1.4        68464 Bytes  15.05.2016 21:16:04
AEMOBILE.DLL   : 8.1.15.0      338800 Bytes  17.08.2016 14:35:54
AEOFFICE.DLL   : 8.3.6.28      518056 Bytes  05.10.2016 17:36:22
AEPACK.DLL     : 8.4.2.22      805744 Bytes  22.08.2016 12:33:48
AERDL.DLL      : 8.2.1.46      812960 Bytes  18.08.2016 14:33:30
AESBX.DLL      : 8.2.22.4     1633128 Bytes  20.06.2016 15:32:24
AESCN.DLL      : 8.3.4.6       141216 Bytes  04.05.2016 13:39:35
AESCRIPT.DLL   : 8.3.0.268     698280 Bytes  05.10.2016 17:36:22
AEVDF.DLL      : 8.3.3.4       142184 Bytes  21.03.2016 11:57:35
AVWINLL.DLL    : 15.0.20.47     27680 Bytes  11.09.2016 22:39:28
AVPREF.DLL     : 15.0.20.47     53944 Bytes  11.09.2016 22:39:30
AVREP.DLL      : 15.0.20.47    223400 Bytes  11.09.2016 22:39:30
AVARKT.DLL     : 15.0.20.47    229032 Bytes  11.09.2016 22:39:29
SQLITE3.DLL    : 15.0.20.47    459752 Bytes  11.09.2016 22:39:37
AVSMTP.DLL     : 15.0.20.47     81712 Bytes  11.09.2016 22:39:31
NETNT.DLL      : 15.0.20.47     16880 Bytes  11.09.2016 22:39:36
CommonImageRc.dll: 15.0.20.47   4307808 Bytes  11.09.2016 22:39:28
CommonTextRc.dll: 15.0.20.47     71400 Bytes  11.09.2016 22:39:28

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Prüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, E:, F:, G:, H:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Auszulassende Dateien.................: 

Beginn des Suchlaufs: Donnerstag, 6. Oktober 2016  21:07

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD2(C:, G:)'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'HDD0(E:, F:)'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'HDD1(H:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '101' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'mysqld.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'NIHardwareService.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '205' Modul(e) wurden durchsucht
Durchsuche Prozess 'LCore.exe' - '72' Modul(e) wurden durchsucht
Durchsuche Prozess 'AmazonMP3DownloaderHelper.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '171' Modul(e) wurden durchsucht
Durchsuche Prozess 'HydraDM64.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '198' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanionInfo.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '95' Modul(e) wurden durchsucht
Durchsuche Prozess 'ContentTransferWMDetector.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyCrashService.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '149' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'Spotify.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'Discord.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '153' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'notepad++.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '128' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Datei wurde im Zwischenspeicher in 'C:\Windows\SysWow64\MatroskaDX.ax' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = 439DD90BA746175DCE7CF3E50393CB79D340DD1B6031E9361CAFA0A4844CB658
Die Datei wurde im Zwischenspeicher in 'E:\Spiele\IndustrieGigant2\UNWISE.EXE' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = F1B7A623B1C9CBA5A48D331DCD5742D471C8FFCE17689C62D73C023A696CD6E6
Die Registry wurde durchsucht ( '6208' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_animation\cml_animation.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert. SHA256 = 1F5B5F1EB35A4C5364958E6903BC0A9C7D0BA05FD432B7BD600B990D0EB37C43
C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_animation\cml_animation.exe (SHA-256: 1f5b5f1eb35a4c5364958e6903bc0a9c7d0ba05fd432b7bd600b990d0eb37c43)
  [INFO]      Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_animation\cml_animation.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert.
Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_minimal\cml_minimal.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert. SHA256 = AE62B1E1E23781BA2BE291DB754C7974B962CC8A14F90C1CD56C88EF565292EA
C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_minimal\cml_minimal.exe (SHA-256: ae62b1e1e23781ba2be291db754c7974b962cc8a14f90c1cd56c88ef565292ea)
  [INFO]      Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\basic\cml_minimal\cml_minimal.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert.
Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\games\cml_spaceshooter\cml_spaceshooter.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert. SHA256 = 0DA513CC47E45591BFFAD35CCF833F1D08A79862BEF56977899DC16CFBE267AF
C:\Dev-Cpp\Examples\CoreMediaLibrary\games\cml_spaceshooter\cml_spaceshooter.exe (SHA-256: 0da513cc47e45591bffad35ccf833f1d08a79862bef56977899dc16cfbe267af)
  [INFO]      Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\games\cml_spaceshooter\cml_spaceshooter.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert.
Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\network\cml_networkracer\cml_racegame.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert. SHA256 = F2B1965C3C475378F7B24CF44957057E553C49F0621F14E77033F0F393044E4B
C:\Dev-Cpp\Examples\CoreMediaLibrary\network\cml_networkracer\cml_racegame.exe (SHA-256: f2b1965c3c475378f7b24cf44957057e553c49f0621f14e77033f0f393044e4b)
  [INFO]      Die Datei 'C:\Dev-Cpp\Examples\CoreMediaLibrary\network\cml_networkracer\cml_racegame.exe' wurde zur Cloud-Sicherheit hochgeladen und analysiert.
Die Datei 'C:\Program Files\Steinberg\Cubase 8\Components\videopreload.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 8EC012DD66244B4399B80389D259ECEABDFA8065FC0CD41225982BFD262D1718
Die Datei 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\pi_brokers\64BitMAPIBroker.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 52B6C49EC60FB6C3A9CC6458234D45E9DE0C7D0C4986309CFB8F9E17F2150937
    [0] Archivtyp: RSRC
    --> C:\Program Files (x86)\Android\android-sdk\extras\google\usb_driver\amd64\WUDFUpdate_01009.dll
        [1] Archivtyp: RSRC
      --> C:\Program Files (x86)\Android\android-sdk\extras\google\usb_driver\i386\winusbcoinstaller2.dll
          [2] Archivtyp: RSRC
        --> C:\Program Files (x86)\Android\android-sdk\extras\google\usb_driver\i386\WUDFUpdate_01009.dll
            [3] Archivtyp: RSRC
          --> C:\Program Files (x86)\Android\android-sdk\system-images\android-24\default\arm64-v8a\ramdisk.img
              [4] Archivtyp: GZ
                [WARNUNG]   Die Datei konnte nicht gelesen werden!
C:\Program Files (x86)\Android\android-sdk\system-images\android-24\default\arm64-v8a\ramdisk.img
  [WARNUNG]   Die Datei konnte nicht gelesen werden!
C:\Program Files (x86)\Android\android-sdk\temp\x86-24_r07.zip
  [WARNUNG]   Mögliche Archivbombe: die maximale Komprimierungsrate wurde überschritten.
Die Datei 'C:\Program Files (x86)\Battle.net\Battle.net.7939\battle.net.dll' wurde durch Cloud-Sicherheit geprüft. SHA256 = FB78F65624EB41A8D00120739E4D22F3D9510D3E5179C3CD2CADE9989D4B47B3
Die Datei 'C:\Program Files (x86)\eRightSoft\SUPER\ffmpeg.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = AB20A1C23EF788C7D3FAD918326C85B4BAC037E283386122766C4F6528951ACF
Die Datei 'C:\Program Files (x86)\eRightSoft\SUPER\s2m5.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 61D8842A6D2DABAE102E8F964A02A553266AEDBE828EC540B412871821CF15D7
Die Datei 'C:\Program Files (x86)\eRightSoft\SUPER\mencoder\IMPlayer.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = BA1ACCDEA789B9EF972B194711619289CE36B88BA8FF6011341D17C6DB8D14F0
Die Datei 'C:\Program Files (x86)\GIGABYTE\ET6\SetupICCS.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 8DE3C440547C96609EC6C2BC1E8CEBED48F984F6CFC646C017C3F9BA3A3A6E04
Die Datei 'C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\uninstall\Setup.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 8DE3C440547C96609EC6C2BC1E8CEBED48F984F6CFC646C017C3F9BA3A3A6E04
Die Datei 'C:\Program Files (x86)\LinuxLive USB Creator\tools\VirtualBox\VirtualBox.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 16B31BAF531C50A2C8D4AB7556E3F167866A9F97C77E46F5A8576653616F8BE3
Die Datei 'C:\Program Files (x86)\Sony\Sony PC Companion\Statistics.dll' wurde durch Cloud-Sicherheit geprüft. SHA256 = 0972F460A80D03B401A21801C5B17993A8878F3CD09160CCFC2CCA1C43609DCF
Die Datei 'C:\Users\Steve\Desktop\FRST64.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 74A30ABB1EDB9EF68C38FD39E5DE9707B2B52BDC0B614B3F9AFC2602D3A718E5
Die Datei 'C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA71301B744CAF070E41400\15.7.20033\_4bitmapibroker.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = F14190DF90852C53D420BBC42C301730710BD11F4E7E5EFAF0FF88CDC473C6A7
Die Datei wurde im Zwischenspeicher in 'C:\Windows\SysWOW64\MatroskaDX.ax' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = 439DD90BA746175DCE7CF3E50393CB79D340DD1B6031E9361CAFA0A4844CB658
Die Datei 'C:\Windows\SysWOW64\Macromed\Shockwave 8\UNWISE.EXE' wurde durch Cloud-Sicherheit geprüft. SHA256 = 49EF36BD01B8EBF38C7B807A5FB44CBAF47C9D4EFA883B01C41494C61AE4A2E2
Die Datei 'C:\Windows\Temp\3B3E.tmp' wurde durch Cloud-Sicherheit geprüft. SHA256 = ACC95D1143AF8F7E318C6C6E44D9D774466D2900A51E92A088B941818D03ECBA
C:\Windows\Temp\3B3E.tmp (SHA-256: acc95d1143af8f7e318c6c6e44d9d774466d2900a51e92a088b941818d03ecba)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
Die Datei 'C:\Windows\Temp\64CD.tmp' wurde durch Cloud-Sicherheit geprüft. SHA256 = 494431EE9F7AC299B3BF1418C1B789C7BF36BD4A83C2435BFC02BE7825E086F7
Die Datei 'C:\Windows\Temp\718E.tmp' wurde durch Cloud-Sicherheit geprüft. SHA256 = 494431EE9F7AC299B3BF1418C1B789C7BF36BD4A83C2435BFC02BE7825E086F7
Die Datei 'C:\Windows\Temp\A3B3.tmp' wurde durch Cloud-Sicherheit geprüft. SHA256 = ACC95D1143AF8F7E318C6C6E44D9D774466D2900A51E92A088B941818D03ECBA
C:\Windows\Temp\A3B3.tmp (SHA-256: acc95d1143af8f7e318c6c6e44d9d774466d2900a51e92a088b941818d03ecba)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
Beginne mit der Suche in 'E:\' <Medien>
Die Datei 'E:\Spiele\Emulatoren\Super Nintendo\ZSNES\zsnesw.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 9E5D23F86A4B7D07B6942224CA54E2BE0FE5575CCC4B00305315280356792774
Die Datei 'E:\Spiele\Emulatoren\Super Nintendo\ZSNES1337\ZSNESW.EXE' wurde durch Cloud-Sicherheit geprüft. SHA256 = 3D8D4E83973C533787B4B3DEC6BA8919B97C2758790E98E82B80F1AE4B3B8071
Die Datei wurde im Zwischenspeicher in 'E:\Spiele\IndustrieGigant2\UNWISE.EXE' gefunden; der Scan Cloud-Sicherheit wurde übersprungen. SHA256 = F1B7A623B1C9CBA5A48D331DCD5742D471C8FFCE17689C62D73C023A696CD6E6
Beginne mit der Suche in 'F:\' <Daten>
Die Datei 'F:\Setups\RPG Maker\Tools\KeyPatch-Zeug\PatchUpdate.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = 1789111EF4B7ED07BFA80635A6B8A4A8F3220D644EC2573733E71948CEB3953C
F:\Setups\RPG Maker\Tools\KeyPatch-Zeug\PatchUpdate.exe (SHA-256: 1789111ef4b7ed07bfa80635a6b8a4a8f3220d644ec2573733e71948ceb3953c)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
Beginne mit der Suche in 'G:\' <System-reserviert>
Beginne mit der Suche in 'H:\' <Solid State>
Die Datei 'H:\Spiele\SteamLibrary\steamapps\common\Dear Esther\bin\vguimatsurface.dll' wurde durch Cloud-Sicherheit geprüft. SHA256 = 6906347277DFE98E3E4E5721D6BCEFCBE51C67724B1796A28081C9E5F15CF96C
Die Datei 'H:\Spiele\SteamLibrary\steamapps\common\Guacamelee\Guac.exe' wurde durch Cloud-Sicherheit geprüft. SHA256 = D8C8FBBD2C6370A83209F655B0868BBF2ADA48809F5180840995D87C3EDEBC7B

Beginne mit der Desinfektion:
F:\Setups\RPG Maker\Tools\KeyPatch-Zeug\PatchUpdate.exe (SHA-256: 1789111ef4b7ed07bfa80635a6b8a4a8f3220d644ec2573733e71948ceb3953c)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5f6b9aa6.qua' verschoben!
C:\Windows\Temp\A3B3.tmp (SHA-256: acc95d1143af8f7e318c6c6e44d9d774466d2900a51e92a088b941818d03ecba)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '47aeb53d.qua' verschoben!
C:\Windows\Temp\3B3E.tmp (SHA-256: acc95d1143af8f7e318c6c6e44d9d774466d2900a51e92a088b941818d03ecba)
  [FUND]      Enthält verdächtigen Code HEUR/APC (Cloud)
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '15e2efc7.qua' verschoben!


Ende des Suchlaufs: Freitag, 7. Oktober 2016  07:52
Benötigte Zeit:  5:57:16 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

 184100 Verzeichnisse wurden überprüft
 8415489 Dateien wurden geprüft
      3 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      3 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 8415486 Dateien ohne Befall
  77422 Archive wurden durchsucht
      2 Warnungen
      3 Hinweise
 1982833 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         

07.10.2016, 15:48   #9
deeprybka
/// TB Trainer
/// Tutorial Guru

Please uninstall Spybot.

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
deeprybka


07.10.2016, 18:16   #10
Esdeh

Log TDSSKiller:

Code:
ATTFilter
18:11:28.0476 0x19b0  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
18:11:39.0895 0x19b0  ============================================================
18:11:39.0896 0x19b0  Current date / time: 2016/10/07 18:11:39.0895
18:11:39.0896 0x19b0  SystemInfo:
18:11:39.0896 0x19b0  
18:11:39.0896 0x19b0  OS Version: 6.1.7601 ServicePack: 1.0
18:11:39.0896 0x19b0  Product type: Workstation
18:11:39.0896 0x19b0  ComputerName: STV-DESKTOP
18:11:39.0896 0x19b0  UserName: Admin
18:11:39.0896 0x19b0  Windows directory: C:\Windows
18:11:39.0896 0x19b0  System windows directory: C:\Windows
18:11:39.0896 0x19b0  Running under WOW64
18:11:39.0896 0x19b0  Processor architecture: Intel x64
18:11:39.0896 0x19b0  Number of processors: 8
18:11:39.0896 0x19b0  Page size: 0x1000
18:11:39.0896 0x19b0  Boot type: Normal boot
18:11:39.0896 0x19b0  CodeIntegrityOptions = 0x00000001
18:11:39.0896 0x19b0  ============================================================
18:11:41.0087 0x19b0  KLMD registered as C:\Windows\system32\drivers\60555713.sys
18:11:41.0087 0x19b0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23539, osProperties = 0x1
18:11:41.0164 0x19b0  System UUID: {6BC52909-7BF5-476F-9585-6B54B4D797B3}
18:11:41.0396 0x19b0  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:41.0412 0x19b0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:41.0415 0x19b0  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:11:41.0418 0x19b0  ============================================================
18:11:41.0418 0x19b0  \Device\Harddisk2\DR2:
18:11:41.0418 0x19b0  MBR partitions:
18:11:41.0418 0x19b0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:11:41.0418 0x19b0  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x172E6000
18:11:41.0419 0x19b0  \Device\Harddisk0\DR0:
18:11:41.0419 0x19b0  MBR partitions:
18:11:41.0419 0x19b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x30D40000
18:11:41.0419 0x19b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30D40800, BlocksNum 0x30D40000
18:11:41.0419 0x19b0  \Device\Harddisk1\DR1:
18:11:41.0419 0x19b0  MBR partitions:
18:11:41.0419 0x19b0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
18:11:41.0419 0x19b0  ============================================================
18:11:41.0420 0x19b0  C: <-> \Device\Harddisk2\DR2\Partition2
18:11:41.0438 0x19b0  E: <-> \Device\Harddisk0\DR0\Partition1
18:11:41.0439 0x19b0  G: <-> \Device\Harddisk2\DR2\Partition1
18:11:41.0478 0x19b0  F: <-> \Device\Harddisk0\DR0\Partition2
18:11:41.0479 0x19b0  H: <-> \Device\Harddisk1\DR1\Partition1
18:11:41.0479 0x19b0  ============================================================
18:11:41.0479 0x19b0  Initialize success
18:11:41.0479 0x19b0  ============================================================
18:12:16.0291 0x14f0  ============================================================
18:12:16.0291 0x14f0  Scan started
18:12:16.0291 0x14f0  Mode: Manual; SigCheck; TDLFS; 
18:12:16.0291 0x14f0  ============================================================
18:12:16.0291 0x14f0  KSN ping started
18:12:16.0396 0x14f0  KSN ping finished: true
18:12:20.0572 0x14f0  ================ Scan system memory ========================
18:12:20.0572 0x14f0  System memory - ok
18:12:20.0572 0x14f0  ================ Scan services =============================
18:12:21.0872 0x14f0  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
18:12:21.0880 0x14f0  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
18:12:21.0963 0x14f0  Detect skipped due to KSN trusted
18:12:21.0963 0x14f0  ASGT - ok
18:12:22.0294 0x14f0  [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
18:12:22.0303 0x14f0  BEService - detected UnsignedFile.Multi.Generic ( 1 )
18:12:22.0424 0x14f0  BEService ( UnsignedFile.Multi.Generic ) - warning
18:12:23.0758 0x14f0  [ 05F99DFF3A8D705F9AA6B87224F7BEB1, DDE133A44A330A07A0EB961559C840BBFC9D9E0CCA27DE0B4284C76BCAD31EDE ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
18:12:23.0780 0x14f0  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
18:12:23.0859 0x14f0  Detect skipped due to KSN trusted
18:12:23.0859 0x14f0  DirMngr - ok
18:12:24.0594 0x14f0  Fax - ok
18:12:24.0597 0x14f0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:12:24.0607 0x14f0  fdc - ok
18:12:24.0610 0x14f0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:12:24.0629 0x14f0  fdPHost - ok
18:12:24.0632 0x14f0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:12:24.0652 0x14f0  FDResPub - ok
18:12:24.0655 0x14f0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:12:24.0662 0x14f0  FileInfo - ok
18:12:24.0664 0x14f0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:12:24.0685 0x14f0  Filetrace - ok
18:12:24.0688 0x14f0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:12:24.0699 0x14f0  flpydisk - ok
18:12:24.0706 0x14f0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:12:24.0717 0x14f0  FltMgr - ok
18:12:24.0737 0x14f0  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
18:12:24.0765 0x14f0  FontCache - ok
18:12:24.0769 0x14f0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:12:24.0775 0x14f0  FontCache3.0.0.0 - ok
18:12:24.0778 0x14f0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:12:24.0785 0x14f0  FsDepends - ok
18:12:24.0788 0x14f0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:12:24.0794 0x14f0  Fs_Rec - ok
18:12:24.0800 0x14f0  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:12:24.0810 0x14f0  fvevol - ok
18:12:24.0814 0x14f0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:12:24.0825 0x14f0  gagp30kx - ok
18:12:24.0827 0x14f0  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
18:12:24.0836 0x14f0  gdrv - ok
18:12:24.0839 0x14f0  [ A1F556318931B9EA276F4E2DA2C1791C, 1E5564A9B213689C56BFBBEC1A7BBFAD78DF1FB55422171C0680935338C5DE57 ] ggflt           C:\Windows\system32\DRIVERS\ggflt.sys
18:12:24.0848 0x14f0  ggflt - ok
18:12:24.0851 0x14f0  [ 7F56A3E09A6AD40B07E4EFAD34A40A18, E0EC4293035162E9EFA89A45FFF26B5BC829F7BB7F4D2D5A2CAA5E88AC6DC0C9 ] ggsomc          C:\Windows\system32\DRIVERS\ggsomc.sys
18:12:24.0861 0x14f0  ggsomc - ok
18:12:24.0875 0x14f0  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
18:12:24.0897 0x14f0  gpsvc - ok
18:12:24.0901 0x14f0  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:24.0908 0x14f0  gupdate - ok
18:12:24.0912 0x14f0  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:12:24.0919 0x14f0  gupdatem - ok
18:12:24.0922 0x14f0  [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64        C:\Windows\GVTDrv64.sys
18:12:24.0932 0x14f0  GVTDrv64 - ok
18:12:24.0935 0x14f0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:12:24.0947 0x14f0  hcw85cir - ok
18:12:24.0955 0x14f0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:12:24.0975 0x14f0  HdAudAddService - ok
18:12:24.0979 0x14f0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:12:24.0989 0x14f0  HDAudBus - ok
18:12:24.0992 0x14f0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:12:25.0003 0x14f0  HidBatt - ok
18:12:25.0007 0x14f0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:12:25.0021 0x14f0  HidBth - ok
18:12:25.0023 0x14f0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:12:25.0036 0x14f0  HidIr - ok
18:12:25.0039 0x14f0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:12:25.0060 0x14f0  hidserv - ok
18:12:25.0062 0x14f0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:12:25.0073 0x14f0  HidUsb - ok
18:12:25.0076 0x14f0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:12:25.0097 0x14f0  hkmsvc - ok
18:12:25.0103 0x14f0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:12:25.0114 0x14f0  HomeGroupListener - ok
18:12:25.0119 0x14f0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:12:25.0129 0x14f0  HomeGroupProvider - ok
18:12:25.0133 0x14f0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:12:25.0145 0x14f0  HpSAMD - ok
18:12:25.0232 0x14f0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:12:25.0285 0x14f0  HTTP - ok
18:12:25.0298 0x14f0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:12:25.0305 0x14f0  hwpolicy - ok
18:12:25.0318 0x14f0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:12:25.0352 0x14f0  i8042prt - ok
18:12:25.0402 0x14f0  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:12:25.0456 0x14f0  iaStorV - ok
18:12:25.0462 0x14f0  [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
18:12:25.0475 0x14f0  ICCS - detected UnsignedFile.Multi.Generic ( 1 )
18:12:25.0563 0x14f0  Detect skipped due to KSN trusted
18:12:25.0563 0x14f0  ICCS - ok
18:12:25.0566 0x14f0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:12:25.0579 0x14f0  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:12:25.0659 0x14f0  Detect skipped due to KSN trusted
18:12:25.0659 0x14f0  IDriverT - ok
18:12:29.0770 0x14f0  nxusbd - ok
18:12:29.0775 0x14f0  [ 45DE6DACF90B1666D351673B18DCF0D1, D88CBB27AF2614DAAE59E6BC0573B156DE4E206D0BA7DB66C8FF5BE95D0A5E11 ] nxusbf          C:\Program Files (x86)\NoMachine\bin\drivers\nxusb\NT6\amd64\nxusbf.sys
18:12:29.0785 0x14f0  nxusbf - ok
18:12:29.0788 0x14f0  [ FCDC4636F5C44D5A481A6245C7EA2CB7, FC3C94343FCDAA1D02DEFE5D0A17257B76A3AE0F410FEA0AAAD4EF39135BFA45 ] nxusbh          C:\Windows\system32\DRIVERS\nxusbh.sys
18:12:29.0799 0x14f0  nxusbh - ok
18:12:29.0802 0x14f0  [ 4D1F5FE87C61D593FA5E6EAFB0C11C06, F23AF84B112FA8655943021C3F2E9D21BF2EB3BF243881C0E7EB74980AE927FA ] nxusbs          C:\Windows\system32\DRIVERS\nxusbs.sys
18:12:29.0810 0x14f0  nxusbs - ok
18:12:29.0813 0x14f0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:12:29.0825 0x14f0  ohci1394 - ok
18:12:29.0833 0x14f0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:12:29.0845 0x14f0  p2pimsvc - ok
18:12:29.0854 0x14f0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:12:29.0868 0x14f0  p2psvc - ok
18:12:29.0871 0x14f0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:12:29.0885 0x14f0  Parport - ok
18:12:29.0888 0x14f0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:12:29.0895 0x14f0  partmgr - ok
18:12:29.0900 0x14f0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:12:29.0911 0x14f0  PcaSvc - ok
18:12:29.0916 0x14f0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:12:29.0925 0x14f0  pci - ok
18:12:29.0927 0x14f0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:12:29.0936 0x14f0  pciide - ok
18:12:29.0942 0x14f0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:12:29.0957 0x14f0  pcmcia - ok
18:12:29.0960 0x14f0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:12:29.0967 0x14f0  pcw - ok
18:12:29.0990 0x14f0  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
18:12:30.0072 0x14f0  PDF Architect Helper Service - ok
18:12:30.0105 0x14f0  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
18:12:30.0137 0x14f0  PDF Architect Service - ok
18:12:30.0159 0x14f0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:12:30.0178 0x14f0  PEAUTH - ok
18:12:30.0201 0x14f0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:12:30.0233 0x14f0  PeerDistSvc - ok
18:12:30.0258 0x14f0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:12:30.0270 0x14f0  PerfHost - ok
18:12:30.0315 0x14f0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:12:30.0384 0x14f0  pla - ok
18:12:30.0401 0x14f0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:12:30.0419 0x14f0  PlugPlay - ok
18:12:30.0425 0x14f0  PnkBstrA - ok
18:12:30.0427 0x14f0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:12:30.0436 0x14f0  PNRPAutoReg - ok
18:12:30.0444 0x14f0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:12:30.0455 0x14f0  PNRPsvc - ok
18:12:30.0477 0x14f0  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:12:30.0493 0x14f0  PolicyAgent - ok
18:12:30.0499 0x14f0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:12:30.0522 0x14f0  Power - ok
18:12:30.0526 0x14f0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:12:30.0546 0x14f0  PptpMiniport - ok
18:12:30.0549 0x14f0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:12:30.0562 0x14f0  Processor - ok
18:12:30.0568 0x14f0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:12:30.0580 0x14f0  ProfSvc - ok
18:12:30.0582 0x14f0  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:12:30.0589 0x14f0  ProtectedStorage - ok
18:12:30.0594 0x14f0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:12:30.0615 0x14f0  Psched - ok
18:12:30.0641 0x14f0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:12:30.0682 0x14f0  ql2300 - ok
18:12:30.0687 0x14f0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:12:30.0700 0x14f0  ql40xx - ok
18:12:30.0706 0x14f0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:12:30.0721 0x14f0  QWAVE - ok
18:12:30.0724 0x14f0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:12:30.0735 0x14f0  QWAVEdrv - ok
18:12:30.0738 0x14f0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:12:30.0759 0x14f0  RasAcd - ok
18:12:30.0762 0x14f0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:12:30.0783 0x14f0  RasAgileVpn - ok
18:12:30.0787 0x14f0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:12:30.0810 0x14f0  RasAuto - ok
18:12:30.0814 0x14f0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:12:30.0835 0x14f0  Rasl2tp - ok
18:12:30.0843 0x14f0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:12:30.0869 0x14f0  RasMan - ok
18:12:30.0872 0x14f0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:12:30.0894 0x14f0  RasPppoe - ok
18:12:30.0897 0x14f0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:12:30.0919 0x14f0  RasSstp - ok
18:12:30.0927 0x14f0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:12:30.0951 0x14f0  rdbss - ok
18:12:30.0954 0x14f0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:12:30.0967 0x14f0  rdpbus - ok
18:12:30.0970 0x14f0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:12:30.0990 0x14f0  RDPCDD - ok
18:12:30.0996 0x14f0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:12:31.0008 0x14f0  RDPDR - ok
18:12:31.0010 0x14f0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:12:31.0031 0x14f0  RDPENCDD - ok
18:12:31.0035 0x14f0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:12:31.0056 0x14f0  RDPREFMP - ok
18:12:31.0062 0x14f0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:12:31.0074 0x14f0  RDPWD - ok
18:12:31.0079 0x14f0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:12:31.0089 0x14f0  rdyboost - ok
18:12:31.0093 0x14f0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:12:31.0116 0x14f0  RemoteAccess - ok
18:12:31.0121 0x14f0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:12:31.0146 0x14f0  RemoteRegistry - ok
18:12:31.0160 0x14f0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:12:31.0230 0x14f0  RpcEptMapper - ok
18:12:31.0239 0x14f0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:12:31.0258 0x14f0  RpcLocator - ok
18:12:31.0328 0x14f0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:12:31.0355 0x14f0  RpcSs - ok
18:12:31.0374 0x14f0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:12:31.0401 0x14f0  rspndr - ok
18:12:31.0414 0x14f0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:12:31.0433 0x14f0  s3cap - ok
18:12:31.0445 0x14f0  [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] SamSs           C:\Windows\system32\lsass.exe
18:12:31.0453 0x14f0  SamSs - ok
18:12:31.0467 0x14f0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:12:31.0490 0x14f0  sbp2port - ok
18:12:31.0509 0x14f0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:12:31.0546 0x14f0  SCardSvr - ok
18:12:31.0557 0x14f0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:12:31.0580 0x14f0  scfilter - ok
18:12:31.0654 0x14f0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:12:31.0712 0x14f0  Schedule - ok
18:12:31.0716 0x14f0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:12:31.0736 0x14f0  SCPolicySvc - ok
18:12:31.0741 0x14f0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:12:31.0752 0x14f0  SDRSVC - ok
18:12:31.0755 0x14f0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:12:31.0766 0x14f0  secdrv - ok
18:12:31.0768 0x14f0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:12:31.0776 0x14f0  seclogon - ok
18:12:31.0779 0x14f0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:12:31.0800 0x14f0  SENS - ok
18:12:31.0803 0x14f0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:12:31.0812 0x14f0  SensrSvc - ok
18:12:31.0814 0x14f0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:12:31.0825 0x14f0  Serenum - ok
18:12:31.0828 0x14f0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:12:31.0841 0x14f0  Serial - ok
18:12:31.0844 0x14f0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:12:31.0855 0x14f0  sermouse - ok
18:12:31.0862 0x14f0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:12:31.0884 0x14f0  SessionEnv - ok
18:12:31.0886 0x14f0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:12:31.0898 0x14f0  sffdisk - ok
18:12:31.0900 0x14f0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:12:31.0912 0x14f0  sffp_mmc - ok
18:12:31.0915 0x14f0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:12:31.0926 0x14f0  sffp_sd - ok
18:12:31.0929 0x14f0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:12:31.0939 0x14f0  sfloppy - ok
18:12:31.0946 0x14f0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:12:31.0972 0x14f0  SharedAccess - ok
18:12:31.0980 0x14f0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:12:32.0006 0x14f0  ShellHWDetection - ok
18:12:32.0009 0x14f0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:12:32.0020 0x14f0  SiSRaid2 - ok
18:12:32.0025 0x14f0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:12:32.0037 0x14f0  SiSRaid4 - ok
18:12:32.0050 0x14f0  [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:12:32.0068 0x14f0  SkypeUpdate - ok
18:12:32.0074 0x14f0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:12:32.0098 0x14f0  Smb - ok
18:12:32.0103 0x14f0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:12:32.0111 0x14f0  SNMPTRAP - ok
18:12:32.0118 0x14f0  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
18:12:32.0132 0x14f0  Sony PC Companion - ok
18:12:32.0135 0x14f0  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
18:12:32.0145 0x14f0  speedfan - ok
18:12:32.0148 0x14f0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:12:32.0154 0x14f0  spldr - ok
18:12:32.0171 0x14f0  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
18:12:32.0198 0x14f0  Spooler - ok
18:12:32.0280 0x14f0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:12:32.0366 0x14f0  sppsvc - ok
18:12:32.0373 0x14f0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:12:32.0397 0x14f0  sppuinotify - ok
18:12:32.0406 0x14f0  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:12:32.0427 0x14f0  srv - ok
18:12:32.0435 0x14f0  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:12:32.0455 0x14f0  srv2 - ok
18:12:32.0460 0x14f0  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:12:32.0473 0x14f0  srvnet - ok
18:12:32.0479 0x14f0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:12:32.0501 0x14f0  SSDPSRV - ok
18:12:32.0505 0x14f0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:12:32.0526 0x14f0  SstpSvc - ok
18:12:32.0549 0x14f0  [ 04F9B53224689BB3638CC2D3DA721E5C, D073C8D5CEFD59CC3D4834A6B92EA8FE113A73C400C27BB6B3D215522FAE17C3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:12:32.0591 0x14f0  Steam Client Service - ok
18:12:32.0595 0x14f0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:12:32.0607 0x14f0  stexstor - ok
18:12:32.0623 0x14f0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:12:32.0644 0x14f0  stisvc - ok
18:12:32.0647 0x14f0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:12:32.0657 0x14f0  storflt - ok
18:12:32.0660 0x14f0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
18:12:32.0668 0x14f0  StorSvc - ok
18:12:32.0670 0x14f0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:12:32.0680 0x14f0  storvsc - ok
18:12:32.0683 0x14f0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:12:32.0691 0x14f0  swenum - ok
18:12:32.0702 0x14f0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:12:32.0736 0x14f0  swprv - ok
18:12:32.0741 0x14f0  [ BCB6AA197267D3506BE2535342FC40E0, 562154EEFEB433680C19CE07A1D0E1058977A25367775061544F2A66439F4400 ] SynUSB64        C:\Windows\system32\DRIVERS\SynUSB64.sys
18:12:32.0747 0x14f0  SynUSB64 - ok
18:12:32.0796 0x14f0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:12:32.0857 0x14f0  SysMain - ok
18:12:32.0864 0x14f0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:12:32.0878 0x14f0  TabletInputService - ok
18:12:32.0882 0x14f0  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
18:12:32.0893 0x14f0  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
18:12:32.0972 0x14f0  Detect skipped due to KSN trusted
18:12:32.0972 0x14f0  tap0901t - ok
18:12:33.0766 0x14f0  [ 9B67EEB5ECCA7E7A57942D967DD59089, 6CD1575BB52A936875DB6E2EA541C7630CF1B0BC4947A5B12356F7C493316324 ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
18:12:33.0821 0x14f0  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
18:12:33.0900 0x14f0  Detect skipped due to KSN trusted
18:12:33.0900 0x14f0  TunngleService - ok
18:12:34.0330 0x14f0  vdrvroot - ok
18:12:34.0341 0x14f0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:12:34.0371 0x14f0  vds - ok
18:12:34.0374 0x14f0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:12:34.0386 0x14f0  vga - ok
18:12:34.0389 0x14f0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:12:34.0409 0x14f0  VgaSave - ok
18:12:34.0414 0x14f0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:12:34.0430 0x14f0  vhdmp - ok
18:12:34.0466 0x14f0  [ 3CCC0D9607419AC28B4216C18F6FA5E9, D51049B48EAC426C78C0651630BE6995E78E3E0E045AA4A8C7285A9941BF22A3 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
18:12:34.0508 0x14f0  VIAHdAudAddService - ok
18:12:34.0512 0x14f0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:12:34.0522 0x14f0  viaide - ok
18:12:34.0525 0x14f0  [ 888450E821E7A66CB8A4E5B7A01BA5C5, 9D78E82F533D045CB47E4BF452C1BF3F5451A71171D7D11E744CFA03C154D242 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
18:12:34.0535 0x14f0  VIAKaraokeService - ok
18:12:34.0541 0x14f0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:12:34.0557 0x14f0  vmbus - ok
18:12:34.0560 0x14f0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
18:12:34.0570 0x14f0  VMBusHID - ok
18:12:34.0573 0x14f0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:12:34.0585 0x14f0  volmgr - ok
18:12:34.0592 0x14f0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:12:34.0605 0x14f0  volmgrx - ok
18:12:34.0611 0x14f0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:12:34.0628 0x14f0  volsnap - ok
18:12:34.0635 0x14f0  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
18:12:34.0648 0x14f0  vpcbus - ok
18:12:34.0651 0x14f0  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
18:12:34.0660 0x14f0  vpcnfltr - ok
18:12:34.0664 0x14f0  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
18:12:34.0676 0x14f0  vpcusb - ok
18:12:34.0685 0x14f0  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
18:12:34.0696 0x14f0  vpcvmm - ok
18:12:34.0701 0x14f0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:12:34.0714 0x14f0  vsmraid - ok
18:12:34.0740 0x14f0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:12:34.0788 0x14f0  VSS - ok
18:12:34.0793 0x14f0  [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
18:12:34.0806 0x14f0  VSStandardCollectorService140 - ok
18:12:34.0809 0x14f0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:12:34.0819 0x14f0  vwifibus - ok
18:12:34.0827 0x14f0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:12:34.0854 0x14f0  W32Time - ok
18:12:34.0858 0x14f0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:12:34.0869 0x14f0  WacomPen - ok
18:12:34.0872 0x14f0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:12:34.0892 0x14f0  WANARP - ok
18:12:34.0895 0x14f0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:12:34.0915 0x14f0  Wanarpv6 - ok
18:12:34.0951 0x14f0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:12:35.0013 0x14f0  wbengine - ok
18:12:35.0028 0x14f0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:12:35.0051 0x14f0  WbioSrvc - ok
18:12:35.0059 0x14f0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:12:35.0076 0x14f0  wcncsvc - ok
18:12:35.0079 0x14f0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:12:35.0088 0x14f0  WcsPlugInService - ok
18:12:35.0091 0x14f0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:12:35.0102 0x14f0  Wd - ok
18:12:35.0116 0x14f0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:12:35.0137 0x14f0  Wdf01000 - ok
18:12:35.0141 0x14f0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:12:35.0356 0x14f0  WdiServiceHost - ok
18:12:35.0364 0x14f0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:12:35.0377 0x14f0  WdiSystemHost - ok
18:12:35.0392 0x14f0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
18:12:35.0410 0x14f0  WebClient - ok
18:12:35.0420 0x14f0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:12:35.0451 0x14f0  Wecsvc - ok
18:12:35.0459 0x14f0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:12:35.0485 0x14f0  wercplsupport - ok
18:12:35.0488 0x14f0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:12:35.0512 0x14f0  WerSvc - ok
18:12:35.0514 0x14f0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:12:35.0534 0x14f0  WfpLwf - ok
18:12:35.0537 0x14f0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:12:35.0543 0x14f0  WIMMount - ok
18:12:35.0545 0x14f0  WinDefend - ok
18:12:35.0549 0x14f0  WinHttpAutoProxySvc - ok
18:12:35.0558 0x14f0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:12:35.0582 0x14f0  Winmgmt - ok
18:12:35.0617 0x14f0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:12:35.0677 0x14f0  WinRM - ok
18:12:35.0683 0x14f0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:12:35.0697 0x14f0  WinUsb - ok
18:12:35.0712 0x14f0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:12:35.0741 0x14f0  Wlansvc - ok
18:12:35.0815 0x14f0  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:12:35.0892 0x14f0  wlidsvc - ok
18:12:35.0896 0x14f0  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
18:12:35.0906 0x14f0  WmBEnum - ok
18:12:35.0909 0x14f0  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
18:12:35.0919 0x14f0  WmFilter - ok
18:12:35.0922 0x14f0  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo         C:\Windows\system32\drivers\WmHidLo.sys
18:12:35.0932 0x14f0  WmHidLo - ok
18:12:35.0934 0x14f0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:12:35.0945 0x14f0  WmiAcpi - ok
18:12:35.0952 0x14f0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:12:35.0964 0x14f0  wmiApSrv - ok
18:12:35.0966 0x14f0  WMPNetworkSvc - ok
18:12:35.0969 0x14f0  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
18:12:35.0977 0x14f0  WmVirHid - ok
18:12:35.0980 0x14f0  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
18:12:35.0990 0x14f0  WmXlCore - ok
18:12:35.0993 0x14f0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:12:36.0001 0x14f0  WPCSvc - ok
18:12:36.0005 0x14f0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:12:36.0018 0x14f0  WPDBusEnum - ok
18:12:36.0020 0x14f0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:12:36.0042 0x14f0  ws2ifsl - ok
18:12:36.0046 0x14f0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:12:36.0057 0x14f0  wscsvc - ok
18:12:36.0059 0x14f0  WSearch - ok
18:12:36.0101 0x14f0  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:12:36.0154 0x14f0  wuauserv - ok
18:12:36.0159 0x14f0  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:12:36.0180 0x14f0  WudfPf - ok
18:12:36.0185 0x14f0  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:12:36.0207 0x14f0  WUDFRd - ok
18:12:36.0211 0x14f0  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:12:36.0232 0x14f0  wudfsvc - ok
18:12:36.0238 0x14f0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:12:36.0335 0x14f0  WwanSvc - ok
18:12:36.0349 0x14f0  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
18:12:36.0378 0x14f0  xnacc - ok
18:12:36.0383 0x14f0  [ 2C6BC21B2D5B58D8B1D638C1704CB494, 0AABCEB627E274E338DDD9BA664BAA128D7C00AF04C95C776C2AFFA6BB17F680 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
18:12:36.0394 0x14f0  xusb21 - ok
18:12:36.0397 0x14f0  ================ Scan global ===============================
18:12:36.0400 0x14f0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:12:36.0406 0x14f0  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:12:36.0415 0x14f0  [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:12:36.0421 0x14f0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:12:36.0428 0x14f0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:12:36.0433 0x14f0  [ Global ] - ok
18:12:36.0433 0x14f0  ================ Scan MBR ==================================
18:12:36.0434 0x14f0  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk2\DR2
18:12:36.0451 0x14f0  \Device\Harddisk2\DR2 - ok
18:12:36.0476 0x14f0  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk0\DR0
18:12:36.0539 0x14f0  \Device\Harddisk0\DR0 - ok
18:12:36.0542 0x14f0  [ EA923EB0EC0060F1451E9AD7B5762CFE ] \Device\Harddisk1\DR1
18:12:36.0560 0x14f0  \Device\Harddisk1\DR1 - ok
18:12:36.0560 0x14f0  ================ Scan VBR ==================================
18:12:36.0562 0x14f0  [ C6FDB0B8C95363488A7CB458D9F2C099 ] \Device\Harddisk2\DR2\Partition1
18:12:36.0563 0x14f0  \Device\Harddisk2\DR2\Partition1 - ok
18:12:36.0565 0x14f0  [ 78248127D91A52A8931C171D78F99C7C ] \Device\Harddisk2\DR2\Partition2
18:12:36.0566 0x14f0  \Device\Harddisk2\DR2\Partition2 - ok
18:12:36.0567 0x14f0  [ 7152AE12BABD80B805B99C950D8D8C8A ] \Device\Harddisk0\DR0\Partition1
18:12:36.0568 0x14f0  \Device\Harddisk0\DR0\Partition1 - ok
18:12:36.0569 0x14f0  [ AE46E072AF1A2BD6BB1C4C6F09B153E2 ] \Device\Harddisk0\DR0\Partition2
18:12:36.0570 0x14f0  \Device\Harddisk0\DR0\Partition2 - ok
18:12:36.0571 0x14f0  [ 336709E644633B02B90210B427D8AFB5 ] \Device\Harddisk1\DR1\Partition1
18:12:36.0572 0x14f0  \Device\Harddisk1\DR1\Partition1 - ok
18:12:36.0572 0x14f0  ================ Scan generic autorun ======================
18:12:36.0781 0x14f0  [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
18:12:37.0040 0x14f0  Launch LCore - ok
18:12:37.0068 0x14f0  [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:12:37.0093 0x14f0  avgnt - ok
18:12:37.0109 0x14f0  [ C5F49EEBA10F86A5AF1C2D7B126A90FF, 1DFDB5A14FAE540634A8F9A724EB3036536B6B3FBE130172BA7226C4113D3B86 ] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
18:12:37.0124 0x14f0  ContentTransferWMDetector.exe - ok
18:12:37.0128 0x14f0  [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:12:37.0138 0x14f0  Avira SystrayStartTrigger - ok
18:12:37.0164 0x14f0  [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:12:37.0187 0x14f0  SunJavaUpdateSched - ok
18:12:37.0190 0x14f0  [ 6A188ECFCA5A2A6F41CA145FC93F96A6, 48D70FAA4C4F6F1F6542E2C54085857CE6906A69C0412E8A08BF69010FDF07CF ] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
18:12:37.0198 0x14f0  EasyTuneVI - detected UnsignedFile.Multi.Generic ( 1 )
18:12:37.0280 0x14f0  Detect skipped due to KSN trusted
18:12:37.0280 0x14f0  EasyTuneVI - ok
18:12:37.0289 0x14f0  [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
18:12:37.0314 0x14f0   Malwarebytes Anti-Malware  (cleanup) - ok
18:12:37.0341 0x14f0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:12:37.0389 0x14f0  Sidebar - ok
18:12:37.0393 0x14f0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:12:37.0405 0x14f0  mctadmin - ok
18:12:37.0425 0x14f0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:12:37.0448 0x14f0  Sidebar - ok
18:12:37.0452 0x14f0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:12:37.0463 0x14f0  mctadmin - ok
18:12:37.0522 0x14f0  [ AFE3883FB37A5567C913E7DFCF2924A5, 3CA38EE302E0FF343DB87AE90DA868DCE5B7B490C2AA32164AF8DD4773482265 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
18:12:37.0583 0x14f0  DAEMON Tools Lite - ok
18:12:37.0587 0x14f0  Spybot-S&D Cleaning - ok
18:12:37.0597 0x14f0  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
18:12:37.0764 0x14f0  AmazonMP3DownloaderHelper - ok
18:12:37.0765 0x14f0  SandboxieControl - ok
18:12:37.0780 0x14f0  [ AD2B04882D0DE3976628CCAA53436E5D, 3F84A02721761EB793FAFA926358D73F90EC168C75FB88F62D1A6FDBE9D96BEF ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
18:12:37.0804 0x14f0  HydraVisionDesktopManager - detected UnsignedFile.Multi.Generic ( 1 )
18:12:38.0005 0x14f0  Detect skipped due to KSN trusted
18:12:38.0005 0x14f0  HydraVisionDesktopManager - ok
18:12:38.0045 0x14f0  [ 49610A409DFAE252AE6A07E400013178, 4191C5BF1BF0E029F58F71BC9B06C1A817FA6250EC6F33C6C680EDE4A2B47F19 ] C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:12:38.0084 0x14f0  Spotify Web Helper - ok
18:12:38.0089 0x14f0  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:12:38.0096 0x14f0  Dropbox Update - ok
18:12:38.0197 0x14f0  [ F38F205DB8CD54351735E3FECBB78788, 1E3577CD1D12B9AD44D2675267D6322114B4FBD06754BA1C80908E3C74BBCCAA ] C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe
18:12:38.0296 0x14f0  Spotify - ok
18:12:38.0310 0x14f0  [ 89CACBC5A5D9F14AD11F09D1DE49294E, 5D9F810E57527ED9E95BB208DBA13D25AF64346B298C1C793335775F9AED21C7 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
18:12:38.0321 0x14f0  Sony PC Companion - ok
18:12:38.0325 0x14f0  [ 50FCC5C822A6B4FC6F377EE9F9F37C7B, 57BD4032367D91EF19931E927127AA1D54DA6118B36C219B0FFD95326A2FFCA0 ] C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe
18:12:38.0340 0x14f0  Google Update - ok
18:12:38.0342 0x14f0  Discord - ok
18:12:38.0359 0x14f0  [ 89CACBC5A5D9F14AD11F09D1DE49294E, 5D9F810E57527ED9E95BB208DBA13D25AF64346B298C1C793335775F9AED21C7 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
18:12:38.0370 0x14f0  Sony PC Companion - ok
18:12:38.0395 0x14f0  [ 981FE670A8D36E9F43A74FAE1218F080, 84EFCC024B5F6DE6554C40033462B21CA550A240C84E46B36EBB972799AA8A8B ] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
18:12:38.0441 0x14f0  MySQL Notifier - detected UnsignedFile.Multi.Generic ( 1 )
18:12:38.0534 0x14f0  Detect skipped due to KSN trusted
18:12:38.0534 0x14f0  MySQL Notifier - ok
18:12:38.0568 0x14f0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:12:38.0599 0x14f0  Sidebar - ok
18:12:38.0603 0x14f0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:12:38.0614 0x14f0  mctadmin - ok
18:12:38.0614 0x14f0  Waiting for KSN requests completion. In queue: 139
18:12:44.0770 0x14f0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated )
18:12:44.0784 0x14f0  Win FW state via NFP2: enabled ( trusted )
18:12:44.0873 0x14f0  ============================================================
18:12:44.0873 0x14f0  Scan finished
18:12:44.0873 0x14f0  ============================================================
18:12:44.0878 0x12b4  Detected object count: 1
18:12:44.0878 0x12b4  Actual detected object count: 1
18:13:33.0536 0x12b4  BEService ( UnsignedFile.Multi.Generic ) - skipped by user
18:13:33.0536 0x12b4  BEService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

08.10.2016, 15:14   #11
deeprybka
/// TB trainer
/// Guide guru
 



Now please run a scan:

Step 1

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

08.10.2016, 23:23   #12
Esdeh
 



ESET Scan Log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=279bbcf854749a4baf9b7313f6688845
# end=init
# utc_time=2016-10-08 05:18:04
# local_time=2016-10-08 07:18:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31012
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=279bbcf854749a4baf9b7313f6688845
# end=updated
# utc_time=2016-10-08 05:19:48
# local_time=2016-10-08 07:19:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=279bbcf854749a4baf9b7313f6688845
# engine=31012
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-08 08:56:14
# local_time=2016-10-08 10:56:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 98 13348 68736436 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 102501604 227590024 0 0
# scanned=1723865
# found=8
# cleaned=0
# scan_time=12984
sh=A65519AFD5F278CA041AF46B50E508972FBEB01C ft=1 fh=740d70e088a57dbd vn="Variante von Win32/DepoDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-2919925435-3243357412-1734966863-1000\$RN5PQ18.exe"
sh=928A536FBFF196495B90E4BD51B932485B84A099 ft=1 fh=748b6a41a833329e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\*****\AppData\Local\Temp\DMR\dmr_72.exe"
sh=B49883F9F0353B15AEE87E3BFA81E3055C3B2363 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\2b5e33.msi"
sh=1A7335815425735F5BFE075D7AB232A2237CCD1F ft=1 fh=4869d065c1b4e7e5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads_Temp\Android SDK - CHIP-Installer.exe"
sh=17D512BDA0E1FAA882FAF1875AC6166B3DE8AE29 ft=1 fh=7391b3e125e390de vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Downloads_Temp\Steam Mover - CHIP-Installer.exe"
sh=5AE9389D5BF50B07173944F3041D33B3C11E7078 ft=1 fh=cac44e7c9517d797 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="F:\Setups\Musik Video\Setup_FreeFlvConverter.exe"
sh=1534373A7B6D68811F74C848937BC2E1A721611B ft=1 fh=e1b9a4173fb1f469 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="F:\Setups\Spiele\Tools\gamebooster22.exe"
sh=25734F71E80826BFB3BAD0744574B15101BA7219 ft=1 fh=53a07840ccf7e54f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="F:\Stick\Grundausstattung\cdex_170b2_enu.exe"
         
To my layman's eyes this looks like a bunch of false alarms...

09.10.2016, 17:56   #13
deeprybka
/// TB trainer
/// Guide guru
 



Nope, not false alarms. The CHIP installer is not detected without reason...

Are there still any problems with the PC? If so, which ones?

Step 1



Please start FRST again and click Scan.
Please post the contents of the log.
__________________
Regards
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
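
An added example, not part of the thread or of any tool named in it: a small parser for the `sh= ... vn= ... fn=` result lines of an ESET Online Scanner log like the one in post #12. It separates entries tagged "evtl. unerwünschte Anwendung" (potentially unwanted application) from other detections and checks the parsed count against `# found=`. The sample log is constructed (placeholder hashes and paths, one invented detection name); the English marker string and the reading of `vn`/`fn` as detection name and file path are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the shape of the log in post #12. Hashes and paths are
# placeholders; "Win32/Example.A Trojaner" is an invented name for the demo.
SAMPLE_LOG = r'''# product=EOS
# unwanted_checked=true
# scanned=1000
# found=4
# cleaned=0
sh=0000000000000000000000000000000000000001 ft=1 fh=0000000000000001 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Example\Temp\helper.exe"
sh=0000000000000000000000000000000000000002 ft=1 fh=0000000000000002 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Example\Some Tool - Installer.exe"
sh=0000000000000000000000000000000000000003 ft=1 fh=0000000000000003 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="D:\Example\setup.exe"
sh=0000000000000000000000000000000000000004 ft=1 fh=0000000000000004 vn="Win32/Example.A Trojaner" ac=I fn="C:\Example\sample.exe"
'''

# key=value pairs; a value is either "quoted" (may contain spaces) or a bare token.
PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
HEADER = re.compile(r'^#\s*(\w+)=(.*)$')

# Suffix ESET appends to PUA detections: German wording as seen in the thread,
# English wording is an assumption for logs from an English-language install.
PUA_MARKERS = ("evtl. unerwünschte Anwendung", "potentially unwanted application")
VARIANT_PREFIXES = ("Variante von ", "a variant of ")


def parse_eset_log(text):
    """Return (header, detections). Later header blocks overwrite earlier ones."""
    header, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            header[m.group(1)] = m.group(2).strip()
        elif line.startswith("sh="):
            fields = {k: quoted or bare for k, quoted, bare in PAIR.findall(line)}
            if "vn" in fields and "fn" in fields:
                detections.append(fields)
    return header, detections


def split_detection(vn):
    """Split a detection-name string into (family, is_pua)."""
    is_pua = False
    for marker in PUA_MARKERS:
        if vn.endswith(marker):
            vn, is_pua = vn[: -len(marker)].strip(), True
            break
    for prefix in VARIANT_PREFIXES:
        if vn.startswith(prefix):
            vn = vn[len(prefix):]
            break
    parts = vn.split()
    return (parts[0] if parts else ""), is_pua


def summarize(text):
    """Group PUA hits by family, list everything else, sanity-check the counts."""
    header, detections = parse_eset_log(text)
    pua, non_pua = Counter(), []
    for det in detections:
        family, is_pua = split_detection(det["vn"])
        if is_pua:
            pua[family] += 1
        else:
            non_pua.append((family, det["fn"]))
    reported = int(header.get("found", -1))
    return {
        "reported_found": reported,
        "parsed": len(detections),
        # A mismatch means truncated paste or result lines the parser missed.
        "count_matches": reported == len(detections),
        "cleaned": int(header.get("cleaned", 0)),
        "pua_scan_enabled": header.get("unwanted_checked") == "true",
        "pua_by_family": dict(pua),
        "non_pua": non_pua,
    }


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
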

09.10.2016, 18:05   #14
Esdeh
 



No problems. There never were any, except that Avira alerted me. But no recognizable signs that anyone or anything is up to mischief on my PC.

FRST Log #2:


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-10-2016
durchgeführt von Admin (Administrator) auf STV-DESKTOP (09-10-2016 18:01:55)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: ***** & Admin (Verfügbare Profile: ***** & Admin & nx)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Dropbox, Inc.) C:\Users\*****\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917584 2016-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [423200 2008-07-11] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] ()
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [55264 2016-03-10] (Malwarebytes)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spybot-S&D Cleaning] => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [SandboxieControl] => "C:\Program Files\Sandboxie\SbieCtrl.exe"
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2012-02-14] (AMD)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify Web Helper] => C:\Users\*****\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Dropbox Update] => C:\Users\*****\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Spotify] => C:\Users\*****\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Google Update] => C:\Users\*****\AppData\Local\Google\Update\GoogleUpdate.exe [152216 2016-05-10] (Google Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\Run: [Discord] => C:\Users\*****\AppData\Local\Discord\app-0.0.296\Discord.exe [62471352 2016-08-24] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: J - J:\autorun.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {5b8ed942-f05d-11e4-beac-94de8021e984} - I:\Startme.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1000\...\MountPoints2: {cbd273f9-584d-11e6-8278-94de8021e984} - K:\Lenovo_Suite.exe
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2919925435-3243357412-1734966863-1003\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [773120 2014-09-03] (Oracle Corporation)
Lsa: [Authentication Packages] msv1_0 nxlsa
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-10-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{721F4271-35C9-40A5-B9ED-398DE2D809A9}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E65348D7-0263-4F99-A662-1B18C086C5BB}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-12] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-12] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: areovegl.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\areovegl.default [2016-01-11]
FF Extension: (Avira Browser Safety) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\areovegl.default\Extensions\abs@avira.com [2015-03-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-05-29] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-20] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-12] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-20] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-04-14] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @talk.google.com/O1DPlugin -> C:\Users\*****\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=3 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: @tools.google.com/Google Update;version=9 -> C:\Users\*****\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\*****\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-31] ()
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Admin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-10-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2919925435-3243357412-1734966863-1003: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com" 
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2016-01-11]
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-16]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-16]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-16]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1086040 2016-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1489240 2016-10-09] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-24] () [Datei ist nicht signiert]
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [227104 2016-08-10] (EasyAntiCheat Ltd)
S4 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [Datei ist nicht signiert]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39209984 2015-11-30] () [Datei ist nicht signiert]
S4 nxdeviced; C:\Program Files (x86)\NoMachine\bin\nxdeviced64.exe [861360 2014-04-17] (NoMachine)
S4 nxdisplay; C:\Program Files (x86)\NoMachine\bin\nxdisplay.exe [221872 2014-04-17] (NoMachine)
S4 nxfsd; C:\Program Files (x86)\NoMachine\bin\nxfsd.exe [181936 2014-04-17] (NoMachine)
S4 nxservice; C:\Program Files (x86)\NoMachine\bin\nxservice.exe [204464 2014-04-17] (NoMachine)
S4 nxusbd; C:\Program Files (x86)\NoMachine\bin\nxusbd64.exe [1248944 2014-04-17] (NoMachine)
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-08-31] ()
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH) [Datei ist nicht signiert]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-18] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-04-19] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-05-02] (Sony Mobile Communications)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2016-08-29] ()
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 nxaudio; C:\Windows\System32\drivers\nxaudio.sys [17920 2013-08-29] (NoMachine)
R3 nxdm; C:\Windows\System32\DRIVERS\nxdm.sys [29696 2012-12-11] (NoMachine Sarl)
R2 nxfs; C:\Program Files (x86)\NoMachine\bin\drivers\nxdisk\amd64\nxfs.sys [57008 2014-02-24] (NoMachine)
R2 nxusbf; C:\Program Files (x86)\NoMachine\bin\drivers\nxusb\NT6\amd64\nxusbf.sys [87216 2014-01-24] (NoMachine)
R3 nxusbh; C:\Windows\System32\DRIVERS\nxusbh.sys [68096 2013-11-12] (NoMachine)
R3 nxusbs; C:\Windows\System32\DRIVERS\nxusbs.sys [10240 2013-11-04] (NoMachine)
R3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [30352 2011-12-14] (Steinberg Media Technologies GmbH)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 TASCAM_US122144; C:\Windows\System32\Drivers\tascusb2.sys [409664 2010-06-18] (TASCAM)
R3 TASCAM_US122L_WDM; C:\Windows\System32\drivers\tscusb2a.sys [50240 2010-06-18] (TASCAM)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-09 01:13 - 2016-10-09 01:13 - 00031720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-10-08 23:21 - 2016-10-08 23:21 - 00003007 _____ C:\Users\*****\Desktop\eset_log.txt
2016-10-08 23:20 - 2016-10-08 23:20 - 00001778 _____ C:\Users\Admin\Desktop\eset_scan_results.txt
2016-10-08 19:18 - 2016-10-08 19:18 - 00000000 ____D C:\Program Files (x86)\ESET
2016-10-07 18:14 - 2016-10-07 18:14 - 00116212 _____ C:\Users\*****\Desktop\report_tdsskiller.txt
2016-10-07 18:11 - 2016-10-07 18:43 - 00232514 _____ C:\TDSSKiller.3.1.0.11_07.10.2016_18.11.28_log.txt
2016-10-07 18:11 - 2016-10-07 18:11 - 04747704 _____ (AO Kaspersky Lab) C:\Users\*****\Desktop\tdsskiller.exe
2016-10-07 07:55 - 2016-10-07 07:55 - 00081622 _____ C:\Users\Admin\Desktop\avira_0710.txt
2016-10-07 02:36 - 2016-10-07 02:36 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-10-06 20:53 - 2016-10-09 18:01 - 00021108 _____ C:\Users\*****\Desktop\FRST.txt
2016-10-06 20:53 - 2016-10-06 20:56 - 00136383 _____ C:\Users\*****\Desktop\Addition.txt
2016-10-06 07:39 - 2016-10-06 07:39 - 00050685 _____ C:\Users\*****\Desktop\Logfiles_Esdeh.zip
2016-10-06 07:29 - 2016-10-06 07:30 - 00002282 _____ C:\Users\*****\Desktop\Malwarebytes.txt
2016-10-06 07:27 - 2016-10-06 07:27 - 00000265 _____ C:\Users\Admin\Desktop\malwarebytes.txt
2016-10-06 00:01 - 2016-10-06 07:34 - 00055400 _____ C:\Users\*****\Desktop\Avira.txt
2016-10-05 23:56 - 2016-10-09 18:01 - 00000000 ____D C:\FRST
2016-10-05 23:56 - 2016-10-05 23:56 - 02405376 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2016-10-05 23:52 - 2016-10-05 23:52 - 00001124 _____ C:\Users\*****\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-05 23:47 - 2016-10-05 23:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-10-05 23:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-10-05 23:47 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-05 23:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-05 21:55 - 2016-10-05 21:55 - 00079570 _____ C:\Users\*****\Desktop\Splines.pdf
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atlassian
2016-09-28 18:55 - 2016-09-28 18:55 - 00000000 ____D C:\Program Files (x86)\SourceTree
2016-09-28 13:54 - 2016-10-02 23:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-28 13:54 - 2016-09-28 13:54 - 00000000 ____D C:\Users\*****\AppData\Local\MonoDevelop-Unity-5.0
2016-09-28 13:45 - 2016-10-03 15:31 - 00000000 ____D C:\Users\*****\AppData\LocalLow\DefaultCompany
2016-09-27 23:24 - 2016-09-27 23:25 - 128365670 _____ C:\Users\*****\Downloads\Carbon Based Lifeforms - The Path.zip
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\MonoDevelop-Unity-5.0
2016-09-27 18:14 - 2016-09-27 18:14 - 00000000 ____D C:\Users\Admin\AppData\Local\MonoDevelop-Unity-5.0
2016-09-27 18:10 - 2016-09-27 18:10 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\DefaultCompany
2016-09-27 17:53 - 2016-09-27 17:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
2016-09-27 17:53 - 2016-09-27 17:53 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
2016-09-27 17:49 - 2016-09-27 17:49 - 00000883 _____ C:\Users\Public\Desktop\Unity 5.4.1f1 (64-bit).lnk
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.1f1 (64-bit)
2016-09-27 17:49 - 2016-09-27 17:49 - 00000000 ____D C:\Program Files (x86)\GtkSharp
2016-09-26 16:40 - 2016-09-26 16:40 - 00001322 _____ C:\Users\*****\Desktop\RocketLeagueTrainer.exe - Verknüpfung.lnk
2016-09-23 13:35 - 2016-09-23 13:35 - 00000000 __HDC C:\ProgramData\{2FBE3374-BA89-48C3-B5F4-877C1D7D624D}
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\Users\*****\Documents\KONAMI
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\Users\Admin\Documents\KONAMI
2016-09-21 15:03 - 2016-09-21 15:03 - 00000000 ____D C:\ProgramData\KONAMI
2016-09-21 14:00 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 14:00 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 13:39 - 2016-09-20 13:39 - 00000168 _____ C:\Users\*****\.gitconfig
2016-09-18 19:29 - 2016-09-18 19:29 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-09-16 22:00 - 2016-09-22 17:01 - 00000000 ____D C:\Windows\rescache
2016-09-16 21:32 - 2016-09-26 17:05 - 00000000 ____D C:\Users\*****\Documents\Project CARS
2016-09-16 21:32 - 2016-09-16 21:32 - 00000000 ____D C:\Users\*****\Documents\wmd_symbol_cache
2016-09-15 00:58 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-15 00:58 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-09-15 00:58 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-15 00:58 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-09-15 00:58 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-09-15 00:58 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-09-15 00:58 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 00:58 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-09-15 00:58 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 00:58 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-09-15 00:58 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-09-15 00:58 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-15 00:58 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-15 00:58 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-09-15 00:58 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-09-15 00:58 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-09-15 00:58 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-09-15 00:58 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-15 00:58 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-15 00:58 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-09-15 00:58 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-15 00:58 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-15 00:58 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-09-15 00:58 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-09-15 00:58 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-15 00:58 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-09-15 00:58 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-09-15 00:58 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-09-15 00:58 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-09-15 00:58 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-15 00:58 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-15 00:58 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-15 00:58 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-15 00:58 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-09-15 00:58 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-09-15 00:58 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-15 00:58 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-09-15 00:58 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-09-15 00:58 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-09-15 00:58 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-09-15 00:58 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-09-15 00:58 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-09-15 00:58 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-09-15 00:58 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-09-15 00:58 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-15 00:58 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-09-15 00:58 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-15 00:58 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-15 00:58 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-09-15 00:58 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-15 00:58 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-09-15 00:58 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-09-15 00:58 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-09-15 00:58 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-09-15 00:58 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-09-15 00:58 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-09-15 00:58 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-09-15 00:58 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-15 00:58 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-09-15 00:58 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-09-15 00:58 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-15 00:58 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-15 00:58 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-15 00:58 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-15 00:58 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-15 00:58 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-15 00:58 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-15 00:58 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-15 00:58 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-15 00:58 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-13 00:09 - 2016-09-13 00:09 - 00000000 ____D C:\Users\Admin\Documents\Steinberg
2016-09-13 00:09 - 2016-09-13 00:09 - 00000000 ____D C:\Users\Admin\AppData\Local\Native Instruments
2016-09-13 00:08 - 2016-09-13 00:08 - 00000000 ____D C:\Users\Admin\Documents\VST3 Presets

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-09 17:50 - 2014-11-06 18:23 - 00000000 ____D C:\Users\*****\AppData\Local\Spotify
2016-10-09 17:33 - 2016-05-21 11:40 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-09 17:33 - 2013-04-13 20:37 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-09 17:28 - 2013-06-20 01:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-09 17:06 - 2015-06-17 07:55 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000UA.job
2016-10-09 14:13 - 2014-11-06 18:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Spotify
2016-10-09 12:29 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\MediaMonkey
2016-10-09 11:06 - 2015-06-17 07:55 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job
2016-10-09 10:32 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-09 10:32 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-09 10:24 - 2013-04-13 20:37 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-09 10:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-09 01:14 - 2013-04-13 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-09 01:13 - 2013-04-13 21:04 - 00177432 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-10-09 01:13 - 2013-04-13 21:04 - 00145536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-10-08 19:02 - 2013-04-13 21:06 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-10-07 04:33 - 2016-05-21 11:40 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2919925435-3243357412-1734966863-1000Core.job
2016-10-07 02:37 - 2013-04-29 11:18 - 00000000 ____D C:\Users\*****\AppData\Roaming\Dropbox
2016-10-06 22:51 - 2013-04-19 20:17 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2016-10-06 20:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Vss
2016-10-05 20:19 - 2013-04-21 20:48 - 00000000 ____D C:\Users\*****\AppData\Local\Last.fm
2016-10-05 19:26 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-04 19:34 - 2013-04-13 20:37 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-03 19:11 - 2014-06-18 00:44 - 00000000 ____D C:\ProgramData\Unity
2016-10-02 17:13 - 2013-11-26 15:05 - 00000000 ____D C:\Users\Admin
2016-10-02 16:16 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****\AppData\Local\VirtualStore
2016-09-30 23:54 - 2015-06-17 07:55 - 00000000 ____D C:\Users\*****\AppData\Local\Dropbox
2016-09-30 15:50 - 2013-11-14 23:32 - 00000000 ____D C:\Users\*****\Documents\Telltale Games
2016-09-28 20:30 - 2016-02-02 00:21 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-28 18:53 - 2016-02-26 21:24 - 00000000 ____D C:\ProgramData\Atlassian
2016-09-28 13:53 - 2015-10-26 11:44 - 00000000 ____D C:\Users\*****\Documents\Visual Studio 2015
2016-09-28 13:45 - 2013-04-30 00:55 - 00000000 ____D C:\Users\*****\AppData\LocalLow\Unity
2016-09-28 13:44 - 2014-06-18 00:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Unity
2016-09-27 18:12 - 2015-10-26 10:56 - 00000000 ____D C:\Users\Admin\Documents\Visual Studio 2015
2016-09-27 18:10 - 2014-06-18 00:42 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Unity
2016-09-27 18:07 - 2015-05-02 01:09 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Unity
2016-09-27 17:53 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-27 17:49 - 2015-04-29 19:55 - 00000000 ____D C:\Program Files\Unity
2016-09-27 13:36 - 2015-01-18 03:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-27 13:36 - 2013-04-13 21:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-26 16:40 - 2016-08-29 16:28 - 00000000 ____D C:\Tools
2016-09-23 17:06 - 2011-04-12 09:43 - 00701778 _____ C:\Windows\system32\perfh007.dat
2016-09-23 17:06 - 2011-04-12 09:43 - 00150388 _____ C:\Windows\system32\perfc007.dat
2016-09-23 17:06 - 2009-07-14 07:13 - 01622158 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-23 17:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-23 17:01 - 2015-11-25 01:39 - 00000000 ____D C:\Users\*****\Desktop\Recording_part
2016-09-23 13:35 - 2016-08-30 18:01 - 00001014 _____ C:\Users\Public\Desktop\Kontakt 5.lnk
2016-09-20 16:47 - 2013-04-13 21:22 - 00000000 ____D C:\Users\*****\AppData\Roaming\Skype
2016-09-20 14:06 - 2013-04-13 21:27 - 00000000 ____D C:\Spiele
2016-09-20 13:39 - 2013-04-13 18:07 - 00000000 ____D C:\Users\*****
2016-09-20 13:24 - 2016-01-09 22:54 - 00000000 ____D C:\Users\*****\Desktop\Temp
2016-09-20 10:52 - 2013-06-20 01:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-20 10:52 - 2013-04-14 22:17 - 00000000 ____D C:\Users\*****\AppData\Local\Adobe
2016-09-20 10:52 - 2013-04-13 21:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-20 10:52 - 2013-04-13 21:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-20 10:52 - 2013-04-13 21:50 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-20 10:51 - 2014-01-18 19:24 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-09-18 19:29 - 2013-04-20 12:37 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-15 20:44 - 2015-10-14 22:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-09-15 20:44 - 2013-04-13 21:22 - 00000000 ____D C:\ProgramData\Skype
2016-09-15 11:45 - 2009-07-14 06:45 - 00288544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-15 01:21 - 2014-01-14 20:47 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-15 01:15 - 2013-08-07 03:00 - 00000000 ____D C:\Windows\system32\MRT
2016-09-15 01:15 - 2013-04-17 21:59 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 00:09 - 2016-08-30 04:23 - 00000000 ____D C:\Users\Admin\Documents\Native Instruments
2016-09-13 00:09 - 2015-06-21 23:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\HOFA
2016-09-13 00:09 - 2015-03-15 17:33 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Steinberg

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5lcyn1.dll
C:\Users\*****\AppData\Local\Temp\i4jdel0.exe
C:\Users\*****\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\*****\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\*****\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\*****\AppData\Local\Temp\sfamcc00001.dll
C:\Users\*****\AppData\Local\Temp\SIntf16.dll
C:\Users\*****\AppData\Local\Temp\SIntf32.dll
C:\Users\*****\AppData\Local\Temp\SIntfNT.dll
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-017471a8-1214-486f-9b4a-6e529bb5ee14-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-01cd0e59-8904-4451-8229-c98a886174a4-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-39c97557-0fcd-4524-a96e-83a449cc35ee-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-57b36b20-ffe8-468e-ad7f-8f3b4952b002-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5895c0e3-5d25-47b1-8cb6-5d5b7b789a4a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-5aef941f-7615-4b58-99d1-5afa8b23370d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-640ebc9d-babc-41ea-bcc3-9425a8eca9ba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-7fdf69e2-65b8-4d50-9486-2bebc9f75b5c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-887e3172-c01b-4465-8b9c-8743ca07f224-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-9dcd7c7e-f044-49ab-8fe4-4c6436ea0b35-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adb19df7-9df5-40a1-a0b4-774d1e938e6c-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-adccf870-0580-4add-90d9-00f757647648-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-b91bc444-4e38-46d5-8519-d7d5bc30747a-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c1d8f87b-c58b-43ce-a09b-635fd8761cba-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-c6605e17-6f6a-40a6-8eea-1ec2e775c9b3-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-cdefe8e8-c740-49c3-907b-d9d423f7526e-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-d44f120d-82e1-45fc-9306-1c0b28cf306d-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\sqlite-3.8.11.2-e695e562-a52c-4c87-8b36-b1e43b16bd71-sqlitejdbc.dll
C:\Users\*****\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\*****\AppData\Local\Temp\war3_Install.exe
C:\Users\*****\AppData\Local\Temp\_is7B47.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-06 04:36

==================== Ende von FRST.txt ============================
         
--- --- ---

10.10.2016, 18:28   #15
deeprybka
/// TB trainer
/// Guide guru
 
Step 1

Please press the Windows key + R and type notepad into the Run window.
Click OK, then copy the text from the code box into the empty text document:
Code:
CloseProcesses:
C:\Windows\Installer\2b5e33.msi
EmptyTemp:

Please save this as Fixlist.txt in the directory that also contains the FRST application.
  • Start FRST and press the "Entfernen" (Fix) button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents for me.



We did it!
The logs look clean to me at the moment.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
All that remains is for me to wish you carefree and safe surfing, and that we don't see each other here again any time soon.




Cleanup:
(The order matters here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: Please disable your antivirus program, any script blocking and anti-malware programs.
  • Please press the Windows key + R and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and empties the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.

Note: Among other things, DelFix removes all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left, you can safely delete them.



Hardening:
Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at the latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities (e.g. here) in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.

My purchase recommendation:



In addition, you can regularly scan your PC with Malwarebytes Anti-Malware.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, use a whitelist to specify the sites on which scripts should be allowed.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware, it is best to uninstall it first and then remove the leftovers with AdwCleaner.


Finally, a few general remarks:
Change your important online passwords regularly, and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
