
Log analysis and evaluation: Virus scan reports infected files with Win32:DH

19.02.2017, 16:58   #1
Jens85
 



Hello everyone,

Yesterday I started Avast's boot-time scan, which I run about once a week.
Unfortunately, something was found:
The file was then moved to quarantine. To be safe, I ran another normal scan with Avast and Malwarebytes AntiMalware, fortunately without any findings.
This morning I ran the boot-time scan again and unfortunately there were findings again:

However, in my estimation the computer is running without problems. Could this possibly be a false alarm? I still want to take the situation seriously and would therefore like to ask for an assessment.

Best regards,
Jens

Here are the logs:

FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01
durchgeführt von Moritz (Administrator) auf MORITZ2-PC (19-02-2017 17:17:03)
Gestartet von C:\Users\Moritz\Desktop\FRST_64
Geladene Profile: Moritz (Verfügbare Profile: Moritz & Gast)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(AddGadgets) C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-16] (AVAST Software)
HKLM-x32\...\Run: [Func KB-460] => C:\Program Files (x86)\Func\KB-460\KB-460_Core
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{0B593FE7-9DC9-4042-B7EE-47F019FA174C}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{E43E45DB-6A41-48AA-823C-DD6D572B70A2}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-16] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-16] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-24] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)

FireFox:
========
FF DefaultProfile: u4sfw4f1.default-1391466045898
FF ProfilePath: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 [2017-02-19]
FF Homepage: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> hxxps://www.google.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> type", 0
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\amznUWL2@amazon.com.xpi [2016-04-27]
FF Extension: (ProxTube) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\ich@maltegoetz.de.xpi [2016-08-28]
FF Extension: (Premiumize.me) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-11-07] [ist nicht signiert]
FF Extension: (Personas Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\personas@christopher.beard.xpi [2016-07-28]
FF Extension: (Google Translator for Firefox) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (NoScript) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-01]
FF Extension: (Video DownloadHelper) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-05]
FF Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\google-play.xml [2015-05-05]
FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\wettercom.xml [2014-06-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-02-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2295199210-3298315446-242086744-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Moritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default [2017-02-18]
CHR Extension: (Google Docs) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (Google Drive) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google Cast) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-10]
CHR Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-06]
CHR Extension: (Google-Suche) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-10]
CHR Extension: (Avast Online Security) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Google Mail) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-12-23] (Advanced Micro Devices) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-16] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173848 2015-02-22] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 GalaxyClientService; E:\Programme\GOG Galaxy\GalaxyClient\GalaxyClientService.exe [284224 2016-12-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-26] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2122248 2017-01-24] (Electronic Arts)
S2 Origin Web Helper Service; E:\Programme\Origin\OriginWebHelperService.exe [2184208 2017-01-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-20] ()
R2 Realtek11nCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
S4 TeamViewer9; E:\Programme\Team Viewer 9\TeamViewer_Service.exe [4915040 2014-01-29] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-12-23] (Advanced Micro Devices)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-16] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-16] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-16] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-16] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-16] (AVAST Software)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-07-04] (REALiX(tm))
R3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] ()
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [93192 2016-06-12] (Intel  Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2010-08-06] (Realtek Semiconductor Corporation                           )
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-02] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-10-16] (Acronis)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-11-22] (Seiko Epson Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-16] (Acronis International GmbH)
R3 WinRing0_1_2_0; C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp [14544 2017-02-18] (OpenLibSys.org) <==== ACHTUNG
S3 ALSysIO; \??\C:\Users\Moritz\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 GPU-Z; \??\C:\Users\Moritz\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-19 17:16 - 2017-02-19 17:17 - 00000000 ____D C:\Users\Moritz\Desktop\FRST_64
2017-02-19 17:15 - 2017-02-19 17:15 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-02-18 20:17 - 2017-02-18 22:15 - 00000000 ____D C:\Users\Moritz\Desktop\Neuer Ordner
2017-02-18 20:02 - 2017-02-18 20:02 - 34980000 _____ (AMD Inc.) C:\Users\Moritz\Downloads\radeon-crimson-relive-17.2.1-minimalsetup-170213_64bit.exe
2017-02-17 00:38 - 2017-02-17 00:38 - 00000000 _____ C:\Users\Moritz\Desktop\spotfy premium account.txt
2017-02-17 00:26 - 2017-02-17 00:26 - 00000000 _____ C:\Users\Moritz\Desktop\Graktreiber wurde widerhergestellt.txt
2017-02-17 00:24 - 2017-02-17 00:24 - 00000000 _____ C:\Users\Moritz\Desktop\Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR2.txt
2017-02-16 22:08 - 2017-02-19 17:03 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-16 22:08 - 2017-02-16 22:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-16 22:08 - 2017-02-16 22:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.QtWebEngineProcess
2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.Origin
2017-02-01 22:38 - 2017-02-01 22:38 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\AMD
2017-01-30 17:20 - 2017-01-30 17:20 - 00000000 ____D C:\ProgramData\ATI
2017-01-28 14:17 - 2017-01-28 14:18 - 00000000 ____D C:\Users\Moritz\Desktop\Fritzbox Einstellung_Sicherung
2017-01-28 14:13 - 2017-01-28 14:13 - 00000000 ____D C:\Users\Moritz\AppData\Local\AMD
2017-01-28 14:12 - 2017-01-28 14:12 - 00003152 _____ C:\Windows\System32\Tasks\StartCN
2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-01-28 14:11 - 2017-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-28 14:11 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-01-28 14:11 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2017-01-28 14:11 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-01-28 14:11 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2017-01-26 15:12 - 2017-01-26 15:12 - 54462926 _____ C:\Users\Moritz\Desktop\PC-WeltWLAN09-2015-issue.pdf
2017-01-21 16:08 - 2017-01-21 16:08 - 00010755 _____ C:\Users\Moritz\Desktop\NAS vergleich.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-19 17:17 - 2015-12-16 15:35 - 00000000 ____D C:\FRST
2017-02-19 17:13 - 2014-02-04 12:12 - 00000029 _____ C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini
2017-02-19 17:13 - 2014-02-02 10:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-02-19 17:13 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-19 16:18 - 2016-12-21 19:03 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\vlc
2017-02-19 16:17 - 2014-02-04 11:57 - 00000000 ____D C:\Users\Moritz\Documents\My Games
2017-02-19 16:16 - 2016-11-16 12:17 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\Mozilla
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\Users\Moritz\AppData\Local\Sony
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Sony
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-02-19 15:03 - 2014-05-27 10:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-19 15:00 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-19 15:00 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-19 14:56 - 2011-04-12 08:43 - 03941958 _____ C:\Windows\system32\perfh007.dat
2017-02-19 14:56 - 2011-04-12 08:43 - 01156746 _____ C:\Windows\system32\perfc007.dat
2017-02-19 14:56 - 2009-07-14 06:13 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-19 01:09 - 2014-02-01 22:14 - 00007622 _____ C:\Users\Moritz\AppData\Local\resmon.resmoncfg
2017-02-18 23:58 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-02-18 20:16 - 2016-11-16 13:08 - 00000000 ____D C:\ProgramData\Unity
2017-02-18 20:02 - 2014-02-02 10:25 - 00000000 ____D C:\AMD
2017-02-16 22:08 - 2014-05-02 20:54 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148727930370604
2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-14 23:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-14 23:50 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\Origin
2017-02-14 22:40 - 2014-02-03 14:54 - 00000000 ____D C:\ProgramData\Origin
2017-02-09 13:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-07 17:26 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Local\Origin
2017-02-07 01:00 - 2014-02-17 17:55 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 01:00 - 2014-02-17 17:55 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 19:00 - 2014-02-01 20:46 - 00000000 ____D C:\Users\Moritz
2017-02-01 22:27 - 2014-08-28 10:32 - 00000000 ____D C:\Program Files\Recuva
2017-01-30 17:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-28 14:12 - 2015-10-09 12:03 - 00000000 ____D C:\Program Files (x86)\AMD
2017-01-28 14:12 - 2014-02-02 10:27 - 00000000 ____D C:\Program Files\AMD
2017-01-28 14:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-28 14:06 - 2014-02-02 11:38 - 00000000 ____D C:\Windows\system32\MRT
2017-01-28 14:04 - 2014-02-02 11:38 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-28 14:02 - 2016-11-16 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 14:02 - 2014-02-02 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-26 10:25 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-24 21:41 - 2016-11-16 12:34 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-24 21:41 - 2016-08-28 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-24 21:41 - 2014-08-06 21:20 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-24 21:41 - 2014-02-03 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-21 20:35 - 2014-04-02 19:25 - 00779776 ___SH C:\Users\Moritz\Desktop\Thumbs.db
2017-01-21 20:35 - 2014-02-03 19:44 - 00000000 ____D C:\Users\Moritz\.gimp-2.8
2017-01-21 14:45 - 2015-11-01 00:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-21 14:45 - 2015-11-01 00:09 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-21 14:45 - 2014-08-26 09:31 - 00000000 ____D C:\Users\Moritz\AppData\Local\Adobe
2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-20 23:42 - 2015-10-27 17:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-03 20:49 - 2014-06-10 23:45 - 0000627 _____ () C:\Users\Moritz\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-02-03 20:49 - 2014-11-21 15:15 - 0000293 _____ () C:\Users\Moritz\AppData\Roaming\GPU MeterV2_Settings.ini
2014-02-04 11:46 - 2016-08-02 21:47 - 0000971 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Settings.ini
2014-02-04 12:12 - 2017-02-19 17:13 - 0000029 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini
2014-03-24 13:06 - 2016-02-21 17:02 - 1065984 _____ () C:\Users\Moritz\AppData\Local\file__0.localstorage
2017-01-05 16:38 - 2017-01-05 16:38 - 0006787 _____ () C:\Users\Moritz\AppData\Local\recently-used.xbel
2014-02-01 22:14 - 2017-02-19 01:09 - 0007622 _____ () C:\Users\Moritz\AppData\Local\resmon.resmoncfg
2014-02-02 10:53 - 2014-02-02 10:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-01-24 21:40 - 2017-01-24 21:40 - 0739904 _____ (Oracle Corporation) C:\Users\Moritz\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-01-28 14:08 - 2017-01-28 14:09 - 429088496 _____ (AMD Inc.) C:\Users\Moritz\AppData\Local\Temp\tmp510C.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-13 13:45

==================== Ende von FRST.txt ============================
         

Edited by Jens85 (19.02.2017 at 17:31)

19.02.2017, 17:31   #2
Jens85
 



Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von Moritz (19-02-2017 17:17:17)
Gestartet von C:\Users\Moritz\Desktop\FRST_64
Windows 7 Ultimate Service Pack 1 (X64) (2014-02-01 19:46:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2295199210-3298315446-242086744-500 - Administrator - Disabled)
Gast (S-1-5-21-2295199210-3298315446-242086744-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2295199210-3298315446-242086744-1002 - Limited - Enabled)
Moritz (S-1-5-21-2295199210-3298315446-242086744-1000 - Administrator - Enabled) => C:\Users\Moritz

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.1223.1210.58 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BioShock Remastered (HKLM\...\Steam App 409710) (Version:  - 2K Boston)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DARK SOULS III (HKLM-x32\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version:  - Double Fine Productions)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
Druckerdeinstallation für EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON WF-3520 Series (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - Edimax Technology Co.)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Firewatch (HKLM-x32\...\Steam App 383870) (Version:  - Campo Santo)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Func KB-460 Settings software (HKLM-x32\...\{8918A402-4EEF-489F-940F-DC25BEEFA6FF}_sbay) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.3.0.4 - GOG.com)
HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141106.96623 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version:  - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0 (HKLM-x32\...\S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
SketchUp 2017 (HKLM\...\{5A8C61BD-0912-4B76-805E-4EDE5E13298C}) (Version: 17.1.174 - Trimble Navigation Limited)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SmartGit (HKLM-x32\...\SmartGit c:/program files (x86)/smartgit_is1) (Version:  - syntevo GmbH)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spotify (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version:  - Oxide Games)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version:  - Telltale Games)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1115AF7F-56C9-47A7-8828-A5C6A5A56119} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2175CC94-DF29-4050-A204-C6862C86A73F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {2F7ECD5A-49A4-4B39-ADB6-90A35A5A8571} - System32\Tasks\{3EF969C1-230F-4C85-837A-38BC5527D691} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.80.101/de/abandoninstall?page=tsProgressBar
Task: {313BBAC0-B0CE-488F-8189-518B0C9AFF23} - System32\Tasks\SafeZone scheduled Autoupdate 1461831637 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
Task: {3824FB2D-EDF7-4602-9D27-66D3F4ABB7BF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-23] (Advanced Micro Devices, Inc.)
Task: {3B544326-D40E-486D-BB94-F7ED8B065A37} - System32\Tasks\PCMeter\Startup => C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets)
Task: {3BC6704D-33F0-4CE7-AE7E-3E6869F61CCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {3FDC4290-414E-423E-B951-5461E645FBA7} - System32\Tasks\{AE8D2FA2-1FA0-4FB0-B984-D9D50CEB0C70} => pcalua.exe -a C:\Users\Moritz\Downloads\iview437g_setup(1).exe -d C:\Users\Moritz\Downloads
Task: {6A8BBF8A-FC41-4B98-A830-9F96547B56B8} - System32\Tasks\{A9B95B13-260E-46B0-9C7D-C402B89FAACD} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {6D887FBC-9C90-4C7A-A77F-79252CD57BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {98E8D6FC-7A7C-43DF-B27F-14E0826F76FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BE01862F-FD61-45FA-A951-5BB4F61DB955} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-16] (AVAST Software)
Task: {C6861602-9B6F-47E4-B964-62175A3B6E76} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2295199210-3298315446-242086744-1000
Task: {CAD7C128-9F9F-429E-AEA3-9C1B3AB2EBE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {F2EA2F54-A3A3-428D-9168-19D87223A5CC} - System32\Tasks\{276C619C-62DD-43E3-815B-3BEEDEDC334B} => pcalua.exe -a "E:\Programme\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\Programme\Steam\steamapps\common\Left 4 Dead 2" -c /register

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-27 21:39 - 2013-03-27 21:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2014-06-08 23:56 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2014-04-01 14:14 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2014-02-03 20:49 - 2014-02-03 20:49 - 00012520 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-02-03 20:49 - 2014-02-03 20:49 - 00015080 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-02-03 20:49 - 2014-02-03 20:49 - 00014056 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2017-01-15 15:51 - 2014-06-27 14:15 - 01750528 _____ () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe
2015-03-13 14:54 - 2015-03-13 14:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-04 21:52 - 2014-04-20 14:43 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-02-16 22:08 - 2017-02-16 22:08 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-18 15:17 - 2017-02-18 15:17 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021801\algo.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-10-25 18:08 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll
2016-08-07 09:30 - 2016-08-07 09:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2017-01-15 16:23 - 2012-10-01 18:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-13 17:19 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-02-02 11:13 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-03-27 21:36 - 2013-03-27 21:36 - 00021312 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^Users^Moritz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: GalaxyClient => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Moritz\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moritz\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{9F48DC17-C632-40B9-B6CC-C749FEE8F505}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [UDP Query User{C47FBBE4-221C-4A67-8837-7A9CAA8BFDE4}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [{A252124C-789B-4CCB-9296-A5BB6E432880}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{D9CB8CF5-B053-4444-9374-970CC9723693}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [TCP Query User{1FEDF8B8-3AB5-41C2-92E1-1F9FF81C2E3E}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{270380D9-80FB-41C3-A882-E35A7BA57E10}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [TCP Query User{ED07AD7E-3AF6-4114-8A21-009585115235}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CAC1056C-04D1-4FBD-B0C6-E31781E990D2}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{835761BC-EC5F-4FA0-85F0-5ED6EE4190E6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6E3BCFF2-261C-4427-AE80-9353E04A6560}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{5F890B29-C7E6-462E-A803-D5AC3C10B647}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B802124F-A6D7-4849-AC50-E92D1D8BEF2F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4AB85895-9616-4292-BE0D-0AB33A55F89D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2D1FC328-3892-4123-9872-277B9CEC3ECB}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{F243356A-171C-49AF-97B7-3B67679411E0}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3AD70C31-E055-4C3B-B3F3-1EE8626D2F72}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E9817E7-EC93-4E70-B501-0255782E5409}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{DC079025-4EE8-46FB-B0A2-E69804592552}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{F6A23DAD-C4BA-4BA2-AEDA-D9F30038B647}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{D5025577-8916-4148-9578-E467DE9F4357}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{66FDFD22-8967-4518-A622-EA700C4E3ADB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{846B3CF1-9334-4EF9-8E35-624FA05276D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C3941DA-6072-4ED0-969C-B2D06D0EF8E5}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{AE3E2EB6-60B1-40FD-82D3-C6713B632B33}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{121EA7B1-4A8A-4F57-BE8F-651A57473C6B}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{7B3A6EAE-79A9-4149-9006-4E2D85EE0413}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{21C3FC04-0454-4CEC-A22F-A03D36A0EF35}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5BAE880F-8396-4A5C-8F9E-FAF6B00F6CF0}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5E5BDF55-2B94-474E-A299-3ECFFE013878}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{A463E25A-51BE-4C01-A6AE-D60D5B4036F9}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{1F3AE00A-4009-40A7-AC96-B723739FA96B}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9A9C40DB-49E9-42C5-93F0-F379185FB3B4}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{55029BE0-8F2D-4DE3-B801-CD32B295EEC2}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{A020E013-F054-4AD3-AB62-4B16B21ECA4D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9F2DE602-1069-4763-8893-8E89EDAF5A71}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AA991D56-6514-4129-8D8A-E56F3E772D22}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3A7EC411-FE92-4B01-BD5A-55B2D14A7CBA}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{7D44FF47-F694-4F33-8102-5C24E82B33C8}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{317F0B43-5E45-4370-AAC1-EEE35C049984}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FE9DF765-320D-4DB2-8B53-9CAA58269692}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{A4967B98-9263-4D9A-86BD-E45EB81131D9}] => (Allow) LPort=1542
FirewallRules: [{0B39CF90-9205-4D4D-8AE0-DD57E95FB7E8}] => (Allow) LPort=1542
FirewallRules: [{A7564107-3D25-45CE-AE76-ACD34F690568}] => (Allow) LPort=53
FirewallRules: [TCP Query User{366E93D3-2AFD-4CBB-8120-553F448EB7CD}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{E4205812-FA12-4EBC-B457-E34DD51C6EA9}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [TCP Query User{0C9CB934-4D96-410F-AE9A-FBBB39DD1D46}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{CCFA0A18-E8D0-4021-AD9D-E653C3EF5568}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{6EA67949-9DF2-4784-B4F6-47E0AAD28836}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{80CA1D36-2FB0-4E22-BF13-41753E818971}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{3145218B-FBD9-4AFB-B133-A17A32A36721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB3370E0-A42A-4CEB-A804-0732635AAA1A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3BDCF098-75A1-4E34-AB24-C9D24E006CA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5CF7C33-9FAF-45C4-AF2A-5555FF10BEE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FDB386EA-9777-4ED8-BA56-2EFDAF991A5D}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{F22D6293-39FE-4BAC-A133-76E4FC2C6719}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{B0000A8C-E298-4B92-912E-70A5B41A10B6}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{C39FED0D-95CD-4650-BEA6-BAC67B2D7D55}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{D7BACB0B-A225-440C-96A2-1030C117C0C2}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FF5C97D6-0669-4131-8FD9-06768CD84BB7}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FA392126-FEA6-45DC-B9E6-6DB4A5009572}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{7C713F40-8DF5-4DC1-AFBB-1FBE1A177F6E}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{80C79962-F0F8-4107-9707-DAEA51C6BA1C}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{55AD4AE4-2AE6-472E-A7FD-BF390AD51AA5}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{01C37433-0382-462F-85EE-D1ECD5B5BC33}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{20E7E8A9-B9E1-43FE-9B5A-046FC0C3A18B}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{175897FA-452C-49A0-990B-36D3A2EFA861}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1DED10E-3BA3-4733-B569-BA6471C02A47}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BAADD536-7203-4158-B9A8-51F54163C1AF}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{126C9FCC-B3A4-4751-A195-715C4DBCA19B}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{8043B5FC-DA6F-49CA-839E-CC41ED1D5FE0}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [UDP Query User{7528866E-B88D-494A-B442-718E97848541}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [{FF058A66-A2B5-422C-BCF3-E4F900AB3221}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C4FD885D-09FE-4E02-858E-4B2E29222FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{64BA3D36-2928-4A39-9A0F-CE165CACCA62}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [TCP Query User{BAA949F5-3D1C-4319-963A-D5B291812238}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{6EE8280D-7E91-4225-B1C8-904648C34D72}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{78097B75-6F31-4C81-9A7D-F78371BCC7FF}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [UDP Query User{B71BC5AE-6458-45DA-9A2D-7CC437F76242}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [{DC8BB13D-638B-4F72-90D7-26D9BAAD45E8}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{64513FC1-06CC-4650-8A0B-45F58EB0C62F}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2661D080-2A6D-445E-ABB2-99A9A73AEA31}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9825C8BA-734B-48D1-B127-BD9BD927854C}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9B67DD18-3377-4A3F-9827-26DBB199CEF5}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{2A045AAC-3F12-400E-B4C6-35D9BA741DB4}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{BF6A92E6-0F95-40A4-AD0A-17E468A62832}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{7B15D0FE-4DA4-41DF-9125-527ECB87AD80}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{84D1E065-51FF-4567-A449-A363D143FD10}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{23CF9A31-CD04-4AF3-9978-B23DDB60CC5A}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FA92CD7-0ABC-4772-AE06-C6CDD433280E}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{C6E4FE6E-A4CD-4070-964D-7A733431B654}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{0BE50CA4-1562-4FA3-AB1A-51D3B9725FF1}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DF853EA3-0BD6-4760-911D-7868114CE916}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{7C7BA48E-930C-4FFD-A107-D61237E4EEF4}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{07BA5C2B-EC8C-4FDF-9909-D0B96DA0924D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D2C623EA-C39C-4F52-B95E-006BFEBB4A0D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9F32FD7E-E274-429D-8366-442BA260C3FC}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{F9970860-B3C3-40DA-9FEA-36130036CFBC}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{21DED4B3-AD60-4E3C-909F-BF803A8370AD}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{529CC96F-B359-4462-9F4C-1DE5AA7874C8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5B24E472-D439-4BB2-828F-316419EA973A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C6A5902A-220F-4C2A-9503-EF5F4AC78A61}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{B689282E-E994-42E2-B83B-C551AA42400F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E478F2D4-3D92-459A-8CB5-120C5B63D8B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3C2EB2E1-DC55-4F68-A2DD-D1AF6F774D74}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{665CA9D4-E4E9-4F15-8183-EF19E2441128}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8C931A00-EB42-48FF-8A01-33EC9495BB22}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{4FACA160-C14A-43EB-AAE4-8EF15D0D4BE7}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [UDP Query User{CDDF2E14-32F3-4D4D-9D41-F0465B640AEE}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [{9B6590AC-50A6-4DE8-927A-713388A6EF44}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4B5ED7AE-90A4-4ABA-A28E-A40346F6943F}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AA611099-568A-4A41-9AAC-810C5FFDA3B9}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{74FC100C-4BAC-4CDC-B825-93242412C57D}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6653207C-500F-4FAD-94B3-0ABC8DD2BF34}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{9D57DCA7-53A1-4660-B490-9B6B64B5C9A1}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{08A409A9-D7BF-43E3-A602-65216779DD96}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{165F398A-1093-4883-9930-4DC59D7A4765}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [TCP Query User{28BFD208-5463-451D-94E1-1B9BC7DDA854}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{F430BED3-DACD-4A1F-88B6-8125CB8E63D7}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [{F3CF7B63-D80B-4626-9029-C3BF55B2CF25}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{FB1F6F93-A4A3-4684-AB92-851ECC9297D6}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [TCP Query User{47DFBE5E-499F-48FB-A181-A35E7E762637}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{C96B953B-DB6E-4941-A4B0-757A33578997}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [{6600AB11-F4FF-4FD3-9D44-F0B249663B05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA234D1-3ED1-4400-8104-167385FCE302}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAD6A776-C1A3-4BDC-B419-DF3CC12C0281}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{8DFDB7EA-96C6-45B2-806A-E24B2A0BE02C}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3406CBDC-A022-455E-BB26-CC45A7BDC392}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{9F1AFE9D-5508-49CB-9F76-19A4F1388C63}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{D2A0A427-23FF-4D9D-8134-4183278B5592}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{BB4B8E49-7A11-4BAB-A749-FCCC4A871E71}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{33541720-48A2-41D5-B528-AFCC0CF1ECF2}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{E7FE5F35-8063-4089-A883-EF3A7724016D}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [{22B672A0-D761-4D6A-B4B7-F64FABA1730A}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{779CBB8F-8927-4CD5-8C2B-CC259FE52F6F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [TCP Query User{193929A9-9386-4D63-B5DE-CC7661484202}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [UDP Query User{DC2D5FCA-16D0-4E27-9B83-EC738B51CA07}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{4D423F66-D8AB-44AE-B01D-52B03B7936A9}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{40ECA176-3CFC-4AAA-B20F-3BFAEF91CB3A}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{272BC383-A829-406C-8C0A-BA2A18DB9D3D}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{81AC5D42-A04C-4704-8003-C94FA45248AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{CE5FCD03-2C17-4E78-9FE8-E32BFB8C766E}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [{80ADC9D8-30D7-46CB-9C3C-C463D2694D0F}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [TCP Query User{15093DF0-A055-4F42-818E-66F84A7278EC}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{1DD764AC-D614-4A76-939D-786695796C92}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{83CBA4A7-FCF9-4C14-A527-B59199D5C001}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{8C2F0E84-AC94-402E-B080-C6EB616FD081}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{3D3EDF22-206C-4139-AFB2-752C8EAC0058}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7FD67DD5-19BC-4901-9220-9CFD16E7FD94}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A84CCA9C-2775-4DAD-877C-10B3B4AD35F2}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FC829EE0-E9A9-4271-9078-8672DD52B3DA}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{EF1E5EBD-355C-49A5-A72B-D2ACF6FF392B}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [UDP Query User{C3156579-4BF6-4C2B-A2A8-176C03CC8DCA}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [{BCCB1445-8058-41A8-9FCD-E8EC324CC440}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{A5FEE466-AE08-46A6-AC39-61D8CB376579}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8608C00B-E65E-41B2-9F1B-6C2028BE69E0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2D9703EB-DBEA-47B8-8E9F-04D8910B98F0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{23E15B51-BF8A-40EF-8B0A-3A4E69126DFC}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{77D0A513-9A42-4CF3-B324-015291FC1AE4}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{3A8D7A81-9173-41A9-AF37-DBB798B3AC28}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{55D1FD90-F3BB-4004-A0ED-ABC25E43558C}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{1BCD782D-5586-47F8-A5D9-A32CBFBBA246}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [UDP Query User{1A47E407-6F1D-49B7-A85A-79E0855752F7}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [{90A1B2B7-6481-47EA-A517-42AE89A63CE3}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{0A24BE58-DDB2-452E-8471-D0ABD256362F}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [TCP Query User{4449331D-B7B2-49EF-B76A-48EC9E0A6786}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D3799B63-4753-4A81-AE8D-F98A0352F7EE}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C7F33D4-B81D-4234-BCE0-18A3B7EB344E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9E7D781-EA50-4A3F-8EA7-7F81250BEE6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8048DCCD-272F-4C91-A2C9-A2EC17A881BC}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{BFE71DEC-3CD6-4BBA-85E8-0D9E1F7F621A}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{8157D4D5-AA29-49AA-992F-D89F83C9C3A5}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{636ADD68-371F-487D-8FF3-39BC34921934}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DB7A3645-FF67-4CAC-AFBB-80FA26F9D17D}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{A090F100-31BD-4351-B02D-61C83A0015CF}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{0AF77098-3F6E-4BDB-892C-4813CF1675E9}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{952F1315-D8D4-4E21-A818-F48D9D4CAE7D}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{B3A77A6B-9CCB-46A9-BF3F-277A7B087826}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{792178EC-0D5D-4566-B41D-93359E0FD7C9}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{0C09BD9D-116E-46C1-A3F0-021DA04CF309}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{185182B9-44F4-46DA-A139-B640D40C7BD3}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{CC3D82A3-B5D1-48BD-B2C7-1FC1308C58B1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F0398C61-D380-41BE-8B49-CE8671852B53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{09853F4D-C08A-4C44-A0C3-651976FD7A12}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{85688F78-4467-4F5B-99FA-428292CD3CAD}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [TCP Query User{F310E270-D523-4AAE-9A61-9EAEA3E13584}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{645F17DC-9E39-4A7E-AFE0-4C8B76902B56}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{46AF9636-F522-4442-8986-F34E3D5D711E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2D630AD7-E9F9-4502-8AB1-F4103D501BCE}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{1C65D9B4-7168-46A0-A1CB-3C8160C909ED}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{9BF1CA9B-A955-4A4E-ACC6-AE9DE1B0A8F2}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C731DBB6-CF7D-430D-BDCD-6574D95430D5}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23D7BD37-12B2-4F7A-B72E-A2C5FE9CE3CD}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{F5F2528C-0CE6-4A83-96D7-0A46DA679B1C}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{A937D96F-5191-4D67-A53B-18C174E84940}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{02C4124C-3FE8-402B-B7DF-436B184E1C2A}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{20A101F3-8A38-4D76-9C8F-52DED032B7D7}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{36777EE1-AC1A-4973-8F8A-8CB2E20A7A9D}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{44D00FB1-BC73-4220-9D8A-FD4136203F1E}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{EF7D0523-FCC5-4B1B-84D8-8828A39F6FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{8D5EBC86-0A97-42D7-B8E5-82C46B9FC7D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1F007600-62A9-4C3A-88A9-AFEBEAC8DC40}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F0783921-5361-405E-815E-C2F5AA11E73B}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Wiederherstellungspunkte =========================

19-02-2017 16:05:08 Removed Vegas Pro 12.0 (64-bit)

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/19/2017 05:14:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/19/2017 02:56:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/19/2017 02:52:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/19/2017 02:14:35 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/19/2017 02:10:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Moritz\Downloads\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (02/19/2017 02:10:40 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Moritz\Downloads\esetsmartinstaller_deu(1).exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (02/19/2017 05:14:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (02/19/2017 05:14:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (02/19/2017 05:14:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/19/2017 05:14:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/19/2017 05:13:42 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (02/19/2017 02:53:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (02/19/2017 02:52:36 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (02/19/2017 02:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/19/2017 02:52:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/19/2017 12:00:39 PM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 16303.22 MB
Verfügbarer physikalischer RAM: 13451.99 MB
Summe virtueller Speicher: 32604.62 MB
Verfügbarer virtueller Speicher: 29975.76 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:223.47 GB) (Free:30.21 GB) NTFS
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:220.71 GB) NTFS
Drive j: (Stick_Transcend_32GB) (Removable) (Total:29.42 GB) (Free:19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9B757ED2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1DE46529)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 20.02.2017, 00:48   #3
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack
Reading material:
Illegal software: cracks, keygens and co.

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In the event of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.
__________________

Alt 20.02.2017, 11:07   #4
Jens85
 

OK, it has been removed. It is of course still listed under the firewall rules, but I have just uninstalled it.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2017 01
durchgeführt von Moritz (Administrator) auf MORITZ2-PC (20-02-2017 10:59:53)
Gestartet von C:\Users\Moritz\Desktop\FRST_64
Geladene Profile: Moritz (Verfügbare Profile: Moritz & Gast)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(AddGadgets) C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-16] (AVAST Software)
HKLM-x32\...\Run: [Func KB-460] => C:\Program Files (x86)\Func\KB-460\KB-460_Core
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-03] (Intel Corporation)
HKLM-x32\...\Run: [RoccatKonePureOptical] => C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe [561152 2014-01-20] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-02-16] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-03-27] (Acronis)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0B593FE7-9DC9-4042-B7EE-47F019FA174C}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{E43E45DB-6A41-48AA-823C-DD6D572B70A2}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-16] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-16] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-24] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2013-02-28] (SEIKO EPSON CORPORATION)

FireFox:
========
FF DefaultProfile: u4sfw4f1.default-1391466045898
FF ProfilePath: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 [2017-02-19]
FF Homepage: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> hxxps://www.google.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898 -> type", 0
FF Extension: (Add to Amazon Wish List Button) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\amznUWL2@amazon.com.xpi [2016-04-27]
FF Extension: (ProxTube) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\ich@maltegoetz.de.xpi [2016-08-28]
FF Extension: (Premiumize.me) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2014-11-07] [ist nicht signiert]
FF Extension: (Personas Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\personas@christopher.beard.xpi [2016-07-28]
FF Extension: (Google Translator for Firefox) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\translator@zoli.bod.xpi [2016-04-27]
FF Extension: (NoScript) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-01]
FF Extension: (Video DownloadHelper) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-08-05]
FF Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\google-play.xml [2015-05-05]
FF SearchPlugin: C:\Users\Moritz\AppData\Roaming\Mozilla\Firefox\Profiles\u4sfw4f1.default-1391466045898\searchplugins\wettercom.xml [2014-06-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-02-16]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-02-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-02-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-21] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-02-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2295199210-3298315446-242086744-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Moritz\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default [2017-02-18]
CHR Extension: (Google Docs) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-12]
CHR Extension: (Google Drive) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Google Cast) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-08-10]
CHR Extension: (Adblock Plus) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-06]
CHR Extension: (Google-Suche) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-16]
CHR Extension: (Google Docs Offline) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-10]
CHR Extension: (Avast Online Security) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-16]
CHR Extension: (Google Mail) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Moritz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-16]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-12-23] (Advanced Micro Devices) [Datei ist nicht signiert]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-16] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-16] (AVAST Software)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [173848 2015-02-22] (EasyAntiCheat Ltd)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 GalaxyClientService; E:\Programme\GOG Galaxy\GalaxyClient\GalaxyClientService.exe [284224 2016-12-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6625856 2016-12-26] (GOG.com)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; E:\Programme\Origin\OriginClientService.exe [2122248 2017-01-24] (Electronic Arts)
S2 Origin Web Helper Service; E:\Programme\Origin\OriginWebHelperService.exe [2184208 2017-01-24] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-20] ()
R2 Realtek11nCU; C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe [36864 2010-04-16] (Realtek) [Datei ist nicht signiert]
S4 TeamViewer9; E:\Programme\Team Viewer 9\TeamViewer_Service.exe [4915040 2014-01-29] (TeamViewer GmbH)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-12-23] (Advanced Micro Devices)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-16] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-16] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-16] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-16] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-16] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-16] (AVAST Software)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-02] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-07-04] (REALiX(tm))
R3 I1KBFLTR; C:\Windows\System32\drivers\I1KBFLTR.sys [29440 2014-06-26] ()
R2 IntelHaxm; C:\Windows\System32\DRIVERS\IntelHaxm.sys [93192 2016-06-12] (Intel  Corporation)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [762472 2010-08-06] (Realtek Semiconductor Corporation                           )
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2014-02-02] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-16] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-10-16] (Acronis)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2013-11-22] (Seiko Epson Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-16] (Acronis International GmbH)
R3 WinRing0_1_2_0; C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp [14544 2017-02-18] (OpenLibSys.org) <==== ACHTUNG
S3 ALSysIO; \??\C:\Users\Moritz\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S3 GPU-Z; \??\C:\Users\Moritz\AppData\Local\Temp\GPU-Z.sys [X] <==== ACHTUNG
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-20 10:51 - 2017-02-20 10:51 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-02-20 10:39 - 2017-02-20 10:44 - 00000004 _____ C:\ScrubRetValFile.txt
2017-02-19 17:16 - 2017-02-20 10:59 - 00000000 ____D C:\Users\Moritz\Desktop\FRST_64
2017-02-18 20:17 - 2017-02-18 22:15 - 00000000 ____D C:\Users\Moritz\Desktop\Neuer Ordner
2017-02-18 20:02 - 2017-02-18 20:02 - 34980000 _____ (AMD Inc.) C:\Users\Moritz\Downloads\radeon-crimson-relive-17.2.1-minimalsetup-170213_64bit.exe
2017-02-17 00:38 - 2017-02-17 00:38 - 00000000 _____ C:\Users\Moritz\Desktop\spotfy premium account.txt
2017-02-17 00:26 - 2017-02-17 00:26 - 00000000 _____ C:\Users\Moritz\Desktop\Graktreiber wurde widerhergestellt.txt
2017-02-17 00:24 - 2017-02-17 00:24 - 00000000 _____ C:\Users\Moritz\Desktop\Der Treiber hat einen Controllerfehler auf DeviceHarddisk2DR2.txt
2017-02-16 22:08 - 2017-02-20 10:56 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-02-16 22:08 - 2017-02-16 22:08 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-02-16 22:08 - 2017-02-16 22:08 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-02-16 22:08 - 2017-02-16 22:08 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.QtWebEngineProcess
2017-02-06 19:00 - 2017-02-06 19:00 - 00000000 ____D C:\Users\Moritz\.Origin
2017-02-01 22:38 - 2017-02-01 22:38 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\AMD
2017-01-30 17:20 - 2017-01-30 17:20 - 00000000 ____D C:\ProgramData\ATI
2017-01-28 14:17 - 2017-01-28 14:18 - 00000000 ____D C:\Users\Moritz\Desktop\Fritzbox Einstellung_Sicherung
2017-01-28 14:13 - 2017-01-28 14:13 - 00000000 ____D C:\Users\Moritz\AppData\Local\AMD
2017-01-28 14:12 - 2017-01-28 14:12 - 00003152 _____ C:\Windows\System32\Tasks\StartCN
2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-01-28 14:12 - 2017-01-28 14:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-01-28 14:11 - 2017-01-28 14:11 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-01-28 14:11 - 2016-09-09 19:25 - 00269600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-01-28 14:11 - 2016-09-09 19:25 - 00261920 _____ C:\Windows\system32\vulkan-1.dll
2017-01-28 14:11 - 2016-09-09 19:25 - 00110880 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-01-28 14:11 - 2016-09-09 19:24 - 00125216 _____ C:\Windows\system32\vulkaninfo.exe
2017-01-26 15:12 - 2017-01-26 15:12 - 54462926 _____ C:\Users\Moritz\Desktop\PC-WeltWLAN09-2015-issue.pdf
2017-01-21 16:08 - 2017-01-21 16:08 - 00010755 _____ C:\Users\Moritz\Desktop\NAS vergleich.xlsx

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-20 10:59 - 2015-12-16 15:35 - 00000000 ____D C:\FRST
2017-02-20 10:55 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-20 10:55 - 2009-07-14 05:45 - 00030752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-20 10:52 - 2011-04-12 08:43 - 04000126 _____ C:\Windows\system32\perfh007.dat
2017-02-20 10:52 - 2011-04-12 08:43 - 01174818 _____ C:\Windows\system32\perfc007.dat
2017-02-20 10:52 - 2009-07-14 06:13 - 00006224 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-20 10:47 - 2014-02-02 10:28 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2017-02-20 10:47 - 2014-02-01 21:54 - 00124048 _____ C:\Users\Moritz\AppData\Local\GDIPFONTCACHEV1.DAT
2017-02-20 10:47 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-20 10:47 - 2009-07-14 05:45 - 00505008 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-20 10:46 - 2014-02-04 12:12 - 00000029 _____ C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini
2017-02-20 10:43 - 2014-02-02 19:04 - 00000000 ____D C:\Program Files\Microsoft Office
2017-02-20 10:43 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-02-20 10:41 - 2014-02-02 19:05 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-20 10:41 - 2011-04-12 08:54 - 00000000 ____D C:\Windows\ShellNew
2017-02-20 10:41 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-20 10:41 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-20 10:41 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2017-02-19 20:10 - 2016-11-16 12:17 - 00000000 ____D C:\Users\Moritz\AppData\LocalLow\Mozilla
2017-02-19 16:18 - 2016-12-21 19:03 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\vlc
2017-02-19 16:17 - 2014-02-04 11:57 - 00000000 ____D C:\Users\Moritz\Documents\My Games
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\Users\Moritz\AppData\Local\Sony
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Sony
2017-02-19 16:05 - 2014-07-24 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-02-19 15:03 - 2014-05-27 10:34 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-19 01:09 - 2014-02-01 22:14 - 00007622 _____ C:\Users\Moritz\AppData\Local\resmon.resmoncfg
2017-02-18 23:58 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-02-18 20:16 - 2016-11-16 13:08 - 00000000 ____D C:\ProgramData\Unity
2017-02-18 20:02 - 2014-02-02 10:25 - 00000000 ____D C:\AMD
2017-02-16 22:08 - 2014-05-02 20:54 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148727930370604
2017-02-16 22:08 - 2014-02-02 13:55 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-02-16 22:08 - 2014-02-02 13:55 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-02-14 23:52 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-14 23:50 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Roaming\Origin
2017-02-14 22:40 - 2014-02-03 14:54 - 00000000 ____D C:\ProgramData\Origin
2017-02-09 13:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-07 17:26 - 2014-02-03 15:00 - 00000000 ____D C:\Users\Moritz\AppData\Local\Origin
2017-02-07 01:00 - 2014-02-17 17:55 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 01:00 - 2014-02-17 17:55 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 19:00 - 2014-02-01 20:46 - 00000000 ____D C:\Users\Moritz
2017-02-01 22:27 - 2014-08-28 10:32 - 00000000 ____D C:\Program Files\Recuva
2017-01-30 17:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-28 14:12 - 2015-10-09 12:03 - 00000000 ____D C:\Program Files (x86)\AMD
2017-01-28 14:12 - 2014-02-02 10:27 - 00000000 ____D C:\Program Files\AMD
2017-01-28 14:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-28 14:06 - 2014-02-02 11:38 - 00000000 ____D C:\Windows\system32\MRT
2017-01-28 14:04 - 2014-02-02 11:38 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-28 14:02 - 2016-11-16 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-28 14:02 - 2014-02-02 13:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-26 10:25 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-01-24 21:41 - 2016-11-16 12:34 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-01-24 21:41 - 2016-08-28 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-01-24 21:41 - 2014-08-06 21:20 - 00000000 ____D C:\Program Files (x86)\Java
2017-01-24 21:41 - 2014-02-03 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-21 20:35 - 2014-04-02 19:25 - 00779776 ___SH C:\Users\Moritz\Desktop\Thumbs.db
2017-01-21 20:35 - 2014-02-03 19:44 - 00000000 ____D C:\Users\Moritz\.gimp-2.8
2017-01-21 14:45 - 2015-11-01 00:10 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-21 14:45 - 2015-11-01 00:09 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-21 14:45 - 2014-08-26 09:31 - 00000000 ____D C:\Users\Moritz\AppData\Local\Adobe
2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-21 14:45 - 2014-02-02 20:32 - 00000000 ____D C:\Windows\system32\Macromed

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-03 20:49 - 2014-06-10 23:45 - 0000627 _____ () C:\Users\Moritz\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-02-03 20:49 - 2014-11-21 15:15 - 0000293 _____ () C:\Users\Moritz\AppData\Roaming\GPU MeterV2_Settings.ini
2014-02-04 11:46 - 2016-08-02 21:47 - 0000971 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Settings.ini
2014-02-04 12:12 - 2017-02-20 10:46 - 0000029 _____ () C:\Users\Moritz\AppData\Roaming\Network Meter_Usage.ini
2014-03-24 13:06 - 2016-02-21 17:02 - 1065984 _____ () C:\Users\Moritz\AppData\Local\file__0.localstorage
2017-01-05 16:38 - 2017-01-05 16:38 - 0006787 _____ () C:\Users\Moritz\AppData\Local\recently-used.xbel
2014-02-01 22:14 - 2017-02-19 01:09 - 0007622 _____ () C:\Users\Moritz\AppData\Local\resmon.resmoncfg
2014-02-02 10:53 - 2014-02-02 10:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-01-24 21:40 - 2017-01-24 21:40 - 0739904 _____ (Oracle Corporation) C:\Users\Moritz\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-02-20 10:35 - 2017-02-20 10:35 - 1278976 _____ (Microsoft Corporation) C:\Users\Moritz\AppData\Local\Temp\PidGenX.dll
2017-01-28 14:08 - 2017-01-28 14:09 - 429088496 _____ (AMD Inc.) C:\Users\Moritz\AppData\Local\Temp\tmp510C.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-02-13 13:45

==================== Ende von FRST.txt ============================
         

20.02.2017, 11:08   #5
Jens85

Virus scan reports infected files with Win32:DH



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-02-2017 01
durchgeführt von Moritz (20-02-2017 11:00:10)
Gestartet von C:\Users\Moritz\Desktop\FRST_64
Windows 7 Ultimate Service Pack 1 (X64) (2014-02-01 19:46:13)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2295199210-3298315446-242086744-500 - Administrator - Disabled)
Gast (S-1-5-21-2295199210-3298315446-242086744-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2295199210-3298315446-242086744-1002 - Limited - Enabled)
Moritz (S-1-5-21-2295199210-3298315446-242086744-1000 - Administrator - Enabled) => C:\Users\Moritz

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.1223.1210.58 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Alternative Look for Triss (HKLM-x32\...\Alternative Look for Triss_is1) (Version: 1.0.0.0 - GOG.com)
Alternative Look for Yennefer (HKLM-x32\...\Alternative Look for Yennefer_is1) (Version: 1.0.0.0 - GOG.com)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Assassin's Creed(R) III v1.03 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.03 - Ubisoft)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.1.2286 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Ballad Heroes - Neutral Gwent Card Set (HKLM-x32\...\Ballad Heroes - Neutral Gwent Card Set_is1) (Version: 1.0.0.0 - GOG.com)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Beard and Hairstyle Set (HKLM-x32\...\Beard and Hairstyle Set_is1) (Version: 1.0.0.0 - GOG.com)
BioShock Remastered (HKLM\...\Steam App 409710) (Version:  - 2K Boston)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version:  - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1223.1240.22785 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.1 - Crystal Dew World)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DARK SOULS III (HKLM-x32\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Day of the Tentacle Remastered (HKLM\...\Steam App 388210) (Version:  - Double Fine Productions)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Driver Sweeper Version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
Druckerdeinstallation für EPSON Remote Print (HKLM\...\EPSON Remote Print) (Version:  - SEIKO EPSON Corporation)
Druckerdeinstallation für EPSON WF-3520 Series (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
Edimax Wireless LAN Driver and Utility (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.00.0165 - Edimax Technology Co.)
Elite Crossbow Set (HKLM-x32\...\Elite Crossbow Set_is1) (Version: 1.0.0.0 - GOG.com)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.46.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Firewatch (HKLM-x32\...\Steam App 383870) (Version:  - Campo Santo)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Func KB-460 Settings software (HKLM-x32\...\{8918A402-4EEF-489F-940F-DC25BEEFA6FF}_sbay) (Version:  - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.3.0.4 - GOG.com)
HWiNFO64 Version 4.40 (HKLM\...\HWiNFO64_is1) (Version: 4.40 - Martin Malík - REALiX)
Insurgency (HKLM-x32\...\Steam App 222880) (Version:  - New World Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{6F73FF93-0B55-4194-AE45-C19DA1F33E97}) (Version: 6.0.3 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Livestreamer 1.11.1 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.109 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.109 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects  (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom  (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service  (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Windows Debugging Symbols (HKLM-x32\...\{68ADAEAA-DABD-45C1-9CC2-F995407549CD}) (Version: 7601 - Microsoft)
Mount and Blade (HKLM-x32\...\1207666893_is1) (Version: 2.0.0.4 - GOG.com)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
New Quest - Contract Missing Miners (HKLM-x32\...\New Quest - Contract Missing Miners_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Fool's Gold (HKLM-x32\...\New Quest - Fool's Gold_is1) (Version: 1.0.0.0 - GOG.com)
New Quest - Scavenger Hunt - Wolf School Gear (HKLM-x32\...\New Quest - Scavenger Hunt: Wolf School Gear_is1) (Version: 1.0.0.0 - GOG.com)
Nilfgaardian Armor Set (HKLM-x32\...\Nilfgaardian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141106.96623 - Square Enix Ltd)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.3.6-I601  (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
ROCCAT Kone Pure Optical Mouse Driver (HKLM-x32\...\{22D40E66-0D41-45A3-A8A1-90B8A38D9A68}) (Version:  - Roccat GmbH)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.8 - Rockstar Games)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0 (HKLM-x32\...\S.T.A.L.K.E.R. German Uncut Trilogy Edition 1.0) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
SketchUp 2017 (HKLM\...\{5A8C61BD-0912-4B76-805E-4EDE5E13298C}) (Version: 17.1.174 - Trimble Navigation Limited)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15044.7 - Samsung Electronics Co., Ltd.) Hidden
SmartGit (HKLM-x32\...\SmartGit c:/program files (x86)/smartgit_is1) (Version:  - syntevo GmbH)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Software Updater (HKLM-x32\...\{6DFBE8A2-CDBF-453E-B34C-32F202FCEE4C}) (Version: 4.2.1 - SEIKO EPSON CORPORATION)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
Spotify (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version:  - Oxide Games)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stronghold Crusader 2 (HKLM\...\Steam App 232890) (Version:  - FireFly Studios)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25790 - TeamViewer)
Temerian Armor Set (HKLM-x32\...\Temerian Armor Set_is1) (Version: 1.0.0.0 - GOG.com)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead: A New Frontier (HKLM\...\Steam App 536220) (Version:  - Telltale Games)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.6.0 - GOG.com)
True Image 2013 (HKLM-x32\...\{4AA75223-6CBF-46F4-8EE4-7BF0591089F7}Visible) (Version: 16.0.6514 - Acronis)
True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Unity (HKLM-x32\...\Unity) (Version: 5.5.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Deployment Tools (HKLM-x32\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows PE x86 x64 (HKLM-x32\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM-x32\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Worms Clan Wars (HKLM-x32\...\Steam App 233840) (Version:  - Team17 Digital Ltd)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2295199210-3298315446-242086744-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1115AF7F-56C9-47A7-8828-A5C6A5A56119} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2175CC94-DF29-4050-A204-C6862C86A73F} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {2F7ECD5A-49A4-4B39-ADB6-90A35A5A8571} - System32\Tasks\{3EF969C1-230F-4C85-837A-38BC5527D691} => Firefox.exe hxxp://ui.skype.com/ui/0/7.12.80.101/de/abandoninstall?page=tsProgressBar
Task: {313BBAC0-B0CE-488F-8189-518B0C9AFF23} - System32\Tasks\SafeZone scheduled Autoupdate 1461831637 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe 
Task: {3824FB2D-EDF7-4602-9D27-66D3F4ABB7BF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2016-12-23] (Advanced Micro Devices, Inc.)
Task: {3B544326-D40E-486D-BB94-F7ED8B065A37} - System32\Tasks\PCMeter\Startup => C:\Users\Moritz\Downloads\network meter\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets)
Task: {3BC6704D-33F0-4CE7-AE7E-3E6869F61CCC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {3FDC4290-414E-423E-B951-5461E645FBA7} - System32\Tasks\{AE8D2FA2-1FA0-4FB0-B984-D9D50CEB0C70} => pcalua.exe -a C:\Users\Moritz\Downloads\iview437g_setup(1).exe -d C:\Users\Moritz\Downloads
Task: {6A8BBF8A-FC41-4B98-A830-9F96547B56B8} - System32\Tasks\{A9B95B13-260E-46B0-9C7D-C402B89FAACD} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {6D887FBC-9C90-4C7A-A77F-79252CD57BB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {98E8D6FC-7A7C-43DF-B27F-14E0826F76FF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {BE01862F-FD61-45FA-A951-5BB4F61DB955} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-02-16] (AVAST Software)
Task: {C6861602-9B6F-47E4-B964-62175A3B6E76} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2295199210-3298315446-242086744-1000
Task: {CAD7C128-9F9F-429E-AEA3-9C1B3AB2EBE3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {F2EA2F54-A3A3-428D-9168-19D87223A5CC} - System32\Tasks\{276C619C-62DD-43E3-815B-3BEEDEDC334B} => pcalua.exe -a "E:\Programme\Steam\steamapps\common\Left 4 Dead 2\bin\addoninstaller.exe" -d "E:\Programme\Steam\steamapps\common\Left 4 Dead 2" -c /register

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-27 21:39 - 2013-03-27 21:39 - 00021824 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\x64\ti_managers_proxy_stub.dll
2014-06-08 23:56 - 2008-07-11 15:04 - 00200704 _____ () C:\Windows\SysWOW64\HsMgr.exe
2014-04-01 14:14 - 2008-07-11 15:03 - 00282112 _____ () C:\Windows\system\HsMgr64.exe
2014-02-03 20:49 - 2014-02-03 20:49 - 00012520 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-02-03 20:49 - 2014-02-03 20:49 - 00015080 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-02-03 20:49 - 2014-02-03 20:49 - 00014056 _____ () C:\Users\Moritz\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2017-01-15 15:51 - 2014-06-27 14:15 - 01750528 _____ () C:\Program Files (x86)\Func\KB-460\KB-460_Core.exe
2016-09-13 01:51 - 2016-09-13 01:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 01:50 - 2016-09-13 01:50 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 01:51 - 2016-09-13 01:51 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-03-13 14:54 - 2015-03-13 14:54 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-04 21:52 - 2014-04-20 14:43 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-02-16 22:08 - 2017-02-16 22:08 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-19 17:28 - 2017-02-19 17:28 - 05979224 _____ () C:\Program Files\AVAST Software\Avast\defs\17021900\algo.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-10-25 18:08 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll
2016-08-07 09:30 - 2016-08-07 09:30 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-02-16 22:08 - 2017-02-16 22:08 - 00289328 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2017-01-15 16:23 - 2012-10-01 18:53 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\hiddriver.dll
2014-02-13 17:19 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\EnumDevLib.dll
2014-02-02 11:13 - 2013-09-03 16:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2295199210-3298315446-242086744-1000\...\sony.com -> sony.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2295199210-3298315446-242086744-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Moritz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^Users^Moritz^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Cmaudio8788 => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: FUFAXRCV => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: GalaxyClient => 
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Spotify => "C:\Users\Moritz\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Moritz\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{9F48DC17-C632-40B9-B6CC-C749FEE8F505}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [UDP Query User{C47FBBE4-221C-4A67-8837-7A9CAA8BFDE4}C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft.toolkit.v2.4.5\microsoft toolkit.exe
FirewallRules: [{A252124C-789B-4CCB-9296-A5BB6E432880}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{D9CB8CF5-B053-4444-9374-970CC9723693}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [TCP Query User{1FEDF8B8-3AB5-41C2-92E1-1F9FF81C2E3E}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{270380D9-80FB-41C3-A882-E35A7BA57E10}C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [TCP Query User{ED07AD7E-3AF6-4114-8A21-009585115235}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CAC1056C-04D1-4FBD-B0C6-E31781E990D2}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{835761BC-EC5F-4FA0-85F0-5ED6EE4190E6}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [{6E3BCFF2-261C-4427-AE80-9353E04A6560}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe
FirewallRules: [TCP Query User{5F890B29-C7E6-462E-A803-D5AC3C10B647}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{B802124F-A6D7-4849-AC50-E92D1D8BEF2F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{4AB85895-9616-4292-BE0D-0AB33A55F89D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{2D1FC328-3892-4123-9872-277B9CEC3ECB}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{F243356A-171C-49AF-97B7-3B67679411E0}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3AD70C31-E055-4C3B-B3F3-1EE8626D2F72}] => (Allow) E:\Programme\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E9817E7-EC93-4E70-B501-0255782E5409}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{DC079025-4EE8-46FB-B0A2-E69804592552}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer.exe
FirewallRules: [{F6A23DAD-C4BA-4BA2-AEDA-D9F30038B647}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{D5025577-8916-4148-9578-E467DE9F4357}] => (Allow) E:\Programme\Team Viewer 9\TeamViewer_Service.exe
FirewallRules: [{66FDFD22-8967-4518-A622-EA700C4E3ADB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{846B3CF1-9334-4EF9-8E35-624FA05276D9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1C3941DA-6072-4ED0-969C-B2D06D0EF8E5}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{AE3E2EB6-60B1-40FD-82D3-C6713B632B33}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{121EA7B1-4A8A-4F57-BE8F-651A57473C6B}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{7B3A6EAE-79A9-4149-9006-4E2D85EE0413}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{21C3FC04-0454-4CEC-A22F-A03D36A0EF35}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5BAE880F-8396-4A5C-8F9E-FAF6B00F6CF0}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{5E5BDF55-2B94-474E-A299-3ECFFE013878}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{A463E25A-51BE-4C01-A6AE-D60D5B4036F9}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe
FirewallRules: [{1F3AE00A-4009-40A7-AC96-B723739FA96B}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{9A9C40DB-49E9-42C5-93F0-F379185FB3B4}] => (Allow) E:\Programme\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{55029BE0-8F2D-4DE3-B801-CD32B295EEC2}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{A020E013-F054-4AD3-AB62-4B16B21ECA4D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{9F2DE602-1069-4763-8893-8E89EDAF5A71}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{AA991D56-6514-4129-8D8A-E56F3E772D22}] => (Allow) E:\Programme\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{3A7EC411-FE92-4B01-BD5A-55B2D14A7CBA}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{7D44FF47-F694-4F33-8102-5C24E82B33C8}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Swarm Benchmark\StarSwarmLauncher.exe
FirewallRules: [{317F0B43-5E45-4370-AAC1-EEE35C049984}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{FE9DF765-320D-4DB2-8B53-9CAA58269692}] => (Allow) C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtWLan.exe
FirewallRules: [{A4967B98-9263-4D9A-86BD-E45EB81131D9}] => (Allow) LPort=1542
FirewallRules: [{0B39CF90-9205-4D4D-8AE0-DD57E95FB7E8}] => (Allow) LPort=1542
FirewallRules: [{A7564107-3D25-45CE-AE76-ACD34F690568}] => (Allow) LPort=53
FirewallRules: [TCP Query User{366E93D3-2AFD-4CBB-8120-553F448EB7CD}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [UDP Query User{E4205812-FA12-4EBC-B457-E34DD51C6EA9}E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe] => (Block) E:\downloads\ldbm\lichdom battlemage\bin32\lichdombattlemage.exe
FirewallRules: [TCP Query User{0C9CB934-4D96-410F-AE9A-FBBB39DD1D46}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{CCFA0A18-E8D0-4021-AD9D-E653C3EF5568}E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goa-goy-p2p\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [TCP Query User{6EA67949-9DF2-4784-B4F6-47E0AAD28836}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{80CA1D36-2FB0-4E22-BF13-41753E818971}E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe] => (Block) E:\downloads\goat sim\goat simulator goat of the year edition-p2p\p2p-goat\p2p-goat\goatsim\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{3145218B-FBD9-4AFB-B133-A17A32A36721}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB3370E0-A42A-4CEB-A804-0732635AAA1A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3BDCF098-75A1-4E34-AB24-C9D24E006CA4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A5CF7C33-9FAF-45C4-AF2A-5555FF10BEE4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FDB386EA-9777-4ED8-BA56-2EFDAF991A5D}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{F22D6293-39FE-4BAC-A133-76E4FC2C6719}] => (Allow) E:\Programme\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{B0000A8C-E298-4B92-912E-70A5B41A10B6}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{C39FED0D-95CD-4650-BEA6-BAC67B2D7D55}] => (Allow) E:\Programme\Assasins Creed III\AC3SP.exe
FirewallRules: [{D7BACB0B-A225-440C-96A2-1030C117C0C2}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FF5C97D6-0669-4131-8FD9-06768CD84BB7}] => (Allow) E:\Programme\Assasins Creed III\AC3MP.exe
FirewallRules: [{FA392126-FEA6-45DC-B9E6-6DB4A5009572}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{7C713F40-8DF5-4DC1-AFBB-1FBE1A177F6E}] => (Allow) E:\Programme\Assasins Creed III\AssassinsCreed3.exe
FirewallRules: [{80C79962-F0F8-4107-9707-DAEA51C6BA1C}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{55AD4AE4-2AE6-472E-A7FD-BF390AD51AA5}] => (Allow) E:\Programme\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{01C37433-0382-462F-85EE-D1ECD5B5BC33}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{20E7E8A9-B9E1-43FE-9B5A-046FC0C3A18B}] => (Allow) E:\Programme\Steam\SteamApps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{175897FA-452C-49A0-990B-36D3A2EFA861}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{C1DED10E-3BA3-4733-B569-BA6471C02A47}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{BAADD536-7203-4158-B9A8-51F54163C1AF}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{126C9FCC-B3A4-4751-A195-715C4DBCA19B}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [TCP Query User{8043B5FC-DA6F-49CA-839E-CC41ED1D5FE0}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [UDP Query User{7528866E-B88D-494A-B442-718E97848541}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe
FirewallRules: [{FF058A66-A2B5-422C-BCF3-E4F900AB3221}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C4FD885D-09FE-4E02-858E-4B2E29222FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{64BA3D36-2928-4A39-9A0F-CE165CACCA62}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [TCP Query User{BAA949F5-3D1C-4319-963A-D5B291812238}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{6EE8280D-7E91-4225-B1C8-904648C34D72}E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) E:\programme\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{78097B75-6F31-4C81-9A7D-F78371BCC7FF}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [UDP Query User{B71BC5AE-6458-45DA-9A2D-7CC437F76242}E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe] => (Allow) E:\programme\steam\steamapps\common\chivalrymedievalwarfare\cdw\binaries\win64\cdw.exe
FirewallRules: [{DC8BB13D-638B-4F72-90D7-26D9BAAD45E8}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{64513FC1-06CC-4650-8A0B-45F58EB0C62F}] => (Allow) E:\Programme\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{2661D080-2A6D-445E-ABB2-99A9A73AEA31}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9825C8BA-734B-48D1-B127-BD9BD927854C}] => (Allow) E:\Programme\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{9B67DD18-3377-4A3F-9827-26DBB199CEF5}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{2A045AAC-3F12-400E-B4C6-35D9BA741DB4}] => (Allow) E:\Programme\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{BF6A92E6-0F95-40A4-AD0A-17E468A62832}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{7B15D0FE-4DA4-41DF-9125-527ECB87AD80}I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) I:\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{84D1E065-51FF-4567-A449-A363D143FD10}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{23CF9A31-CD04-4AF3-9978-B23DDB60CC5A}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{6FA92CD7-0ABC-4772-AE06-C6CDD433280E}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{C6E4FE6E-A4CD-4070-964D-7A733431B654}] => (Allow) E:\Programme\Steam\SteamApps\common\grid 2\grid2.exe
FirewallRules: [{0BE50CA4-1562-4FA3-AB1A-51D3B9725FF1}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{DF853EA3-0BD6-4760-911D-7868114CE916}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{7C7BA48E-930C-4FFD-A107-D61237E4EEF4}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{07BA5C2B-EC8C-4FDF-9909-D0B96DA0924D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{D2C623EA-C39C-4F52-B95E-006BFEBB4A0D}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{9F32FD7E-E274-429D-8366-442BA260C3FC}] => (Allow) E:\Programme\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{F9970860-B3C3-40DA-9FEA-36130036CFBC}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{21DED4B3-AD60-4E3C-909F-BF803A8370AD}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{529CC96F-B359-4462-9F4C-1DE5AA7874C8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{5B24E472-D439-4BB2-828F-316419EA973A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C6A5902A-220F-4C2A-9503-EF5F4AC78A61}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{B689282E-E994-42E2-B83B-C551AA42400F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{E478F2D4-3D92-459A-8CB5-120C5B63D8B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3C2EB2E1-DC55-4F68-A2DD-D1AF6F774D74}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{665CA9D4-E4E9-4F15-8183-EF19E2441128}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8C931A00-EB42-48FF-8A01-33EC9495BB22}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{4FACA160-C14A-43EB-AAE4-8EF15D0D4BE7}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [UDP Query User{CDDF2E14-32F3-4D4D-9D41-F0465B640AEE}E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe] => (Block) E:\programme\wolfenstein the new order\wolfenstein the new order german\wolfneworder_x64.exe
FirewallRules: [{9B6590AC-50A6-4DE8-927A-713388A6EF44}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{4B5ED7AE-90A4-4ABA-A28E-A40346F6943F}] => (Allow) E:\Programme\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AA611099-568A-4A41-9AAC-810C5FFDA3B9}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{74FC100C-4BAC-4CDC-B825-93242412C57D}] => (Allow) E:\Programme\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{6653207C-500F-4FAD-94B3-0ABC8DD2BF34}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{9D57DCA7-53A1-4660-B490-9B6B64B5C9A1}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{08A409A9-D7BF-43E3-A602-65216779DD96}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{165F398A-1093-4883-9930-4DC59D7A4765}] => (Allow) E:\Programme\Steam\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [TCP Query User{28BFD208-5463-451D-94E1-1B9BC7DDA854}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{F430BED3-DACD-4A1F-88B6-8125CB8E63D7}E:\programme\far cry 4\far cry 4\bin\farcry4.exe] => (Block) E:\programme\far cry 4\far cry 4\bin\farcry4.exe
FirewallRules: [{F3CF7B63-D80B-4626-9029-C3BF55B2CF25}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{FB1F6F93-A4A3-4684-AB92-851ECC9297D6}] => (Allow) E:\Programme\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [TCP Query User{47DFBE5E-499F-48FB-A181-A35E7E762637}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [UDP Query User{C96B953B-DB6E-4941-A4B0-757A33578997}E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe] => (Block) E:\programme\company of heroes 2\company of heroes 2\reliccoh2.exe
FirewallRules: [{6600AB11-F4FF-4FD3-9D44-F0B249663B05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA234D1-3ED1-4400-8104-167385FCE302}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAD6A776-C1A3-4BDC-B419-DF3CC12C0281}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{8DFDB7EA-96C6-45B2-806A-E24B2A0BE02C}] => (Allow) E:\Programme\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3406CBDC-A022-455E-BB26-CC45A7BDC392}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{9F1AFE9D-5508-49CB-9F76-19A4F1388C63}] => (Allow) E:\Programme\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [TCP Query User{D2A0A427-23FF-4D9D-8134-4183278B5592}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{BB4B8E49-7A11-4BAB-A749-FCCC4A871E71}E:\programme\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\programme\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{33541720-48A2-41D5-B528-AFCC0CF1ECF2}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{E7FE5F35-8063-4089-A883-EF3A7724016D}E:\programme\dying light\dying light\dyinglightgame.exe] => (Block) E:\programme\dying light\dying light\dyinglightgame.exe
FirewallRules: [{22B672A0-D761-4D6A-B4B7-F64FABA1730A}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{779CBB8F-8927-4CD5-8C2B-CC259FE52F6F}] => (Allow) E:\Programme\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [TCP Query User{193929A9-9386-4D63-B5DE-CC7661484202}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [UDP Query User{DC2D5FCA-16D0-4E27-9B83-EC738B51CA07}C:\Program Files\OpenVPN\bin\openvpn.exe] => (Allow) C:\Program Files\OpenVPN\bin\openvpn.exe
FirewallRules: [{4D423F66-D8AB-44AE-B01D-52B03B7936A9}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{40ECA176-3CFC-4AAA-B20F-3BFAEF91CB3A}] => (Allow) E:\Programme\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{272BC383-A829-406C-8C0A-BA2A18DB9D3D}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{81AC5D42-A04C-4704-8003-C94FA45248AA}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{CE5FCD03-2C17-4E78-9FE8-E32BFB8C766E}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [{80ADC9D8-30D7-46CB-9C3C-C463D2694D0F}] => (Allow) E:\Programme\Steam\SteamApps\common\Rust\Legacy\rust.exe
FirewallRules: [TCP Query User{15093DF0-A055-4F42-818E-66F84A7278EC}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [UDP Query User{1DD764AC-D614-4A76-939D-786695796C92}G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe] => (Block) G:\sonstiges\microsoft.office.professional.plus.2010.vl.x64.sp2.german-mcu\crack\microsoft toolkit.exe
FirewallRules: [{83CBA4A7-FCF9-4C14-A527-B59199D5C001}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [{8C2F0E84-AC94-402E-B080-C6EB616FD081}] => (Allow) E:\Programme\Steam\SteamApps\common\SleepingDogs\HKShip.exe
FirewallRules: [TCP Query User{3D3EDF22-206C-4139-AFB2-752C8EAC0058}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7FD67DD5-19BC-4901-9220-9CFD16E7FD94}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{A84CCA9C-2775-4DAD-877C-10B3B4AD35F2}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FC829EE0-E9A9-4271-9078-8672DD52B3DA}] => (Allow) E:\Programme\Steam\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{EF1E5EBD-355C-49A5-A72B-D2ACF6FF392B}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [UDP Query User{C3156579-4BF6-4C2B-A2A8-176C03CC8DCA}E:\programme\gta 5\gta5.exe] => (Allow) E:\programme\gta 5\gta5.exe
FirewallRules: [{BCCB1445-8058-41A8-9FCD-E8EC324CC440}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{A5FEE466-AE08-46A6-AC39-61D8CB376579}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{8608C00B-E65E-41B2-9F1B-6C2028BE69E0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2D9703EB-DBEA-47B8-8E9F-04D8910B98F0}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [TCP Query User{23E15B51-BF8A-40EF-8B0A-3A4E69126DFC}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{77D0A513-9A42-4CF3-B324-015291FC1AE4}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{3A8D7A81-9173-41A9-AF37-DBB798B3AC28}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [{55D1FD90-F3BB-4004-A0ED-ABC25E43558C}] => (Allow) E:\Programme\Steam\SteamApps\common\insurgency2\insurgency.exe
FirewallRules: [TCP Query User{1BCD782D-5586-47F8-A5D9-A32CBFBBA246}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [UDP Query User{1A47E407-6F1D-49B7-A85A-79E0855752F7}C:\users\moritz\desktop\microsoft toolkit.exe] => (Allow) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [{90A1B2B7-6481-47EA-A517-42AE89A63CE3}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [{0A24BE58-DDB2-452E-8471-D0ABD256362F}] => (Allow) E:\Programme\Steam\SteamApps\common\Worms Clan Wars\WormsClanWars.exe
FirewallRules: [TCP Query User{4449331D-B7B2-49EF-B76A-48EC9E0A6786}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D3799B63-4753-4A81-AE8D-F98A0352F7EE}C:\users\moritz\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\moritz\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C7F33D4-B81D-4234-BCE0-18A3B7EB344E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F9E7D781-EA50-4A3F-8EA7-7F81250BEE6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8048DCCD-272F-4C91-A2C9-A2EC17A881BC}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{BFE71DEC-3CD6-4BBA-85E8-0D9E1F7F621A}] => (Allow) E:\Programme\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{8157D4D5-AA29-49AA-992F-D89F83C9C3A5}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{636ADD68-371F-487D-8FF3-39BC34921934}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{DB7A3645-FF67-4CAC-AFBB-80FA26F9D17D}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{A090F100-31BD-4351-B02D-61C83A0015CF}] => (Allow) E:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{0AF77098-3F6E-4BDB-892C-4813CF1675E9}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{952F1315-D8D4-4E21-A818-F48D9D4CAE7D}E:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) E:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{B3A77A6B-9CCB-46A9-BF3F-277A7B087826}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{792178EC-0D5D-4566-B41D-93359E0FD7C9}] => (Allow) E:\Programme\Steam\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{0C09BD9D-116E-46C1-A3F0-021DA04CF309}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{185182B9-44F4-46DA-A139-B640D40C7BD3}] => (Allow) E:\Programme\Steam\SteamApps\common\Firewatch\Firewatch.exe
FirewallRules: [{CC3D82A3-B5D1-48BD-B2C7-1FC1308C58B1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F0398C61-D380-41BE-8B49-CE8671852B53}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{09853F4D-C08A-4C44-A0C3-651976FD7A12}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [{85688F78-4467-4F5B-99FA-428292CD3CAD}] => (Allow) E:\Programme\Steam\SteamApps\common\Day of the Tentacle Remastered\Dott.exe
FirewallRules: [TCP Query User{F310E270-D523-4AAE-9A61-9EAEA3E13584}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{645F17DC-9E39-4A7E-AFE0-4C8B76902B56}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{46AF9636-F522-4442-8986-F34E3D5D711E}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2D630AD7-E9F9-4502-8AB1-F4103D501BCE}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{1C65D9B4-7168-46A0-A1CB-3C8160C909ED}] => (Allow) E:\Programme\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{9BF1CA9B-A955-4A4E-ACC6-AE9DE1B0A8F2}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C731DBB6-CF7D-430D-BDCD-6574D95430D5}] => (Allow) E:\Programme\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23D7BD37-12B2-4F7A-B72E-A2C5FE9CE3CD}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{F5F2528C-0CE6-4A83-96D7-0A46DA679B1C}] => (Allow) E:\Programme\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{A937D96F-5191-4D67-A53B-18C174E84940}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{02C4124C-3FE8-402B-B7DF-436B184E1C2A}] => (Allow) E:\Programme\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe
FirewallRules: [{20A101F3-8A38-4D76-9C8F-52DED032B7D7}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{36777EE1-AC1A-4973-8F8A-8CB2E20A7A9D}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win8.exe
FirewallRules: [{44D00FB1-BC73-4220-9D8A-FD4136203F1E}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{EF7D0523-FCC5-4B1B-84D8-8828A39F6FCB}] => (Allow) E:\Programme\Steam\SteamApps\common\The Walking Dead - A New Frontier (Season 3)\WalkingDead3_win7.exe
FirewallRules: [{8D5EBC86-0A97-42D7-B8E5-82C46B9FC7D4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1F007600-62A9-4C3A-88A9-AFEBEAC8DC40}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{F0783921-5361-405E-815E-C2F5AA11E73B}] => (Allow) E:\Programme\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{2EC20945-A94F-4566-9AA7-2D74A8600C1F}C:\users\moritz\desktop\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft toolkit.exe
FirewallRules: [UDP Query User{57530A65-6715-46D6-88B3-C6633576F1C8}C:\users\moritz\desktop\microsoft toolkit.exe] => (Block) C:\users\moritz\desktop\microsoft toolkit.exe

==================== Wiederherstellungspunkte =========================

19-02-2017 16:05:08 Removed Vegas Pro 12.0 (64-bit)
20-02-2017 10:40:38 Removed Microsoft Office Professional Plus 2010

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/20/2017 10:52:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/20/2017 10:48:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/20/2017 10:40:37 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {8e3616e0-5daa-4053-a29a-27e8281f2a73}

Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/20/2017 10:37:28 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (02/20/2017 10:33:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (02/19/2017 07:15:15 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


Systemfehler:
=============
Error: (02/20/2017 10:48:34 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (02/20/2017 10:48:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (02/20/2017 10:47:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/20/2017 10:47:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/20/2017 10:47:19 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.

Error: (02/20/2017 10:33:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID 
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
 und APPID 
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
 gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.

Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
sptd

Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (02/20/2017 10:33:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (02/20/2017 10:32:32 AM) (Source: sptd) (EventID: 4) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für  festgestellt.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Xeon(R) CPU E3-1230 v3 @ 3.30GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16303.22 MB
Verfügbarer physikalischer RAM: 13771.4 MB
Summe virtueller Speicher: 32604.62 MB
Verfügbarer virtueller Speicher: 29924.84 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:223.47 GB) (Free:38.02 GB) NTFS
Drive e: (Data) (Fixed) (Total:931.51 GB) (Free:240.07 GB) NTFS
Drive j: (Stick_Transcend_32GB) (Removable) (Total:29.42 GB) (Free:19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 9B757ED2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1DE46529)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 29.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=29.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Alt 20.02.2017, 11:10   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please uninstall Avast. We simply can't recommend it in good conscience any more. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Other freeware vendors such as Avira, AVG or Panda are jumping on this or similar bandwagons too, bundling junkware into their installers, partnering with ASK, etc.; that is simply unacceptable for security software.

Let me know when Avast is gone; once we are done here you can switch to a different virus scanner, details will follow in the final post. Please do NOT install anything else from now on without checking with us first!

Alt 20.02.2017, 11:24   #7
Jens85
 
Okay, done. Is a new FRST log needed?

Edited by Jens85 (20.02.2017 at 11:45)

Alt 20.02.2017, 12:13   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post its contents here in your thread in any case.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, please post them directly, split across several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check that you did it correctly. If everything is right ... click Reply (Antworten).
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


Alt 20.02.2017, 12:45   #9
Jens85
 
Thanks so far.
Here are the logs:

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18537

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.299000 GHz
Memory total: 17095163904, free: 14645968896

Downloaded database version: v2017.02.20.03
Downloaded database version: v2017.02.15.01
Downloaded database version: v2017.02.15.02
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     02/20/2017 12:23:56
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\system32\DRIVERS\vidsflt.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vididr.sys
\SystemRoot\system32\DRIVERS\tib_mounter.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\tib.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\fltsrv.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Windows\system32\drivers\HWiNFO64A.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\e1d62x64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\cmudaxp.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\xusb21.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\I1KBFLTR.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\amdacpksd.sys
\SystemRoot\system32\DRIVERS\IntelHaxm.sys
\SystemRoot\system32\DRIVERS\afcdp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\nsi.dll
\Windows\System32\shell32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\usp10.dll
\Windows\System32\wininet.dll
\Windows\System32\difxapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\psapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\msvcrt.dll
\Windows\System32\oleaut32.dll
\Windows\System32\lpk.dll
\Windows\System32\Wldap32.dll
\Windows\System32\gdi32.dll
\Windows\System32\sechost.dll
\Windows\System32\imm32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\imagehlp.dll
\Windows\System32\advapi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\msctf.dll
\Windows\System32\user32.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\userenv.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2017.02.20.03
  rootkit: v2017.02.15.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d149790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d01fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d149790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d01be00, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800cee3060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B757ED2

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 468652032
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 240057409536 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d138790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d1382c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d138790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d149530, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800ced6060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1DE46529

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800d358060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800deadb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d358060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800deabe00, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800deaa990, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 96  Numsec = 61702048
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 31591497728 bytes
Sector size: 512 bytes

Done!
Infected: C:\Users\Moritz\AppData\Local\Temp\_avast_\unp16039750.tmp\13.exe --> [HackTool.WinActivator]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-96-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18537

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.299000 GHz
Memory total: 17095163904, free: 14731411456

=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     02/20/2017 12:32:10
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\system32\DRIVERS\vidsflt.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vididr.sys
\SystemRoot\system32\DRIVERS\tib_mounter.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\tib.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\fltsrv.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\C:\Windows\system32\drivers\HWiNFO64A.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\e1d62x64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\cmudaxp.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\xusb21.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\I1KBFLTR.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\amdacpksd.sys
\SystemRoot\system32\DRIVERS\IntelHaxm.sys
\SystemRoot\system32\DRIVERS\afcdp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\imagehlp.dll
\Windows\System32\shlwapi.dll
\Windows\System32\msctf.dll
\Windows\System32\normaliz.dll
\Windows\System32\user32.dll
\Windows\System32\shell32.dll
\Windows\System32\wininet.dll
\Windows\System32\setupapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\advapi32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\kernel32.dll
\Windows\System32\psapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\usp10.dll
\Windows\System32\nsi.dll
\Windows\System32\ole32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\imm32.dll
\Windows\System32\lpk.dll
\Windows\System32\gdi32.dll
\Windows\System32\sechost.dll
\Windows\System32\urlmon.dll
\Windows\System32\difxapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2017.02.20.03
  rootkit: v2017.02.15.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d168790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d05fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d168790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d05ab40, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800cf02060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9B757ED2

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 468652032
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 240057409536 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d157790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d1572c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d157790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d168530, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800cedd060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1DE46529

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1953519616
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800e32e790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800e144b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800e32e790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800e13de00, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800e141b60, DeviceName: \Device\00000083\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 96  Numsec = 61702048
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 31591497728 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-96-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
         

20.02.2017, 12:45   #10
Jens85

Code:
ATTFilter
12:38:53.0863 0x0b1c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:38:58.0725 0x0b1c  ============================================================
12:38:58.0725 0x0b1c  Current date / time: 2017/02/20 12:38:58.0725
12:38:58.0725 0x0b1c  SystemInfo:
12:38:58.0725 0x0b1c  
12:38:58.0725 0x0b1c  OS Version: 6.1.7601 ServicePack: 1.0
12:38:58.0725 0x0b1c  Product type: Workstation
12:38:58.0725 0x0b1c  ComputerName: MORITZ2-PC
12:38:58.0725 0x0b1c  UserName: Moritz
12:38:58.0725 0x0b1c  Windows directory: C:\Windows
12:38:58.0725 0x0b1c  System windows directory: C:\Windows
12:38:58.0725 0x0b1c  Running under WOW64
12:38:58.0725 0x0b1c  Processor architecture: Intel x64
12:38:58.0725 0x0b1c  Number of processors: 8
12:38:58.0725 0x0b1c  Page size: 0x1000
12:38:58.0725 0x0b1c  Boot type: Normal boot
12:38:58.0725 0x0b1c  CodeIntegrityOptions = 0x00000001
12:38:58.0725 0x0b1c  ============================================================
12:38:59.0252 0x0b1c  KLMD registered as C:\Windows\system32\drivers\09133975.sys
12:38:59.0252 0x0b1c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
12:38:59.0310 0x0b1c  System UUID: {DF0E4705-3441-119B-07D8-5F3ACBE2D13C}
12:38:59.0686 0x0b1c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:59.0687 0x0b1c  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:38:59.0697 0x0b1c  Drive \Device\Harddisk2\DR2 - Size: 0x75B000000 ( 29.42 Gb ), SectorSize: 0x200, Cylinders: 0xF00, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:38:59.0702 0x0b1c  ============================================================
12:38:59.0702 0x0b1c  \Device\Harddisk1\DR1:
12:38:59.0702 0x0b1c  MBR partitions:
12:38:59.0702 0x0b1c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:38:59.0702 0x0b1c  \Device\Harddisk0\DR0:
12:38:59.0702 0x0b1c  MBR partitions:
12:38:59.0702 0x0b1c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:38:59.0702 0x0b1c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
12:38:59.0702 0x0b1c  \Device\Harddisk2\DR2:
12:38:59.0703 0x0b1c  MBR partitions:
12:38:59.0703 0x0b1c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x60, BlocksNum 0x3AD7FA0
12:38:59.0703 0x0b1c  ============================================================
12:38:59.0704 0x0b1c  C: <-> \Device\Harddisk0\DR0\Partition2
12:38:59.0722 0x0b1c  E: <-> \Device\Harddisk1\DR1\Partition1
12:38:59.0722 0x0b1c  ============================================================
12:38:59.0722 0x0b1c  Initialize success
12:38:59.0722 0x0b1c  ============================================================
12:39:24.0349 0x17a4  ============================================================
12:39:24.0349 0x17a4  Scan started
12:39:24.0349 0x17a4  Mode: Manual; SigCheck; TDLFS; 
12:39:24.0349 0x17a4  ============================================================
12:39:24.0349 0x17a4  KSN ping started
12:39:24.0521 0x17a4  KSN ping finished: true
12:39:25.0100 0x17a4  ================ Scan system memory ========================
12:39:25.0100 0x17a4  System memory - ok
12:39:25.0100 0x17a4  ================ Scan services =============================
12:39:25.0137 0x17a4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:39:25.0161 0x17a4  1394ohci - ok
12:39:25.0170 0x17a4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:39:25.0179 0x17a4  ACPI - ok
12:39:25.0181 0x17a4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:39:25.0193 0x17a4  AcpiPmi - ok
12:39:25.0213 0x17a4  [ 8054C6835F89CA2367798396423608F1, 086B19922CA9DA1BD45BB1CE5E9303A137A09EC6D5971F59341A612CE3BB50BC ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
12:39:25.0233 0x17a4  AcrSch2Svc - ok
12:39:25.0237 0x17a4  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:39:25.0242 0x17a4  AdobeARMservice - ok
12:39:25.0251 0x17a4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:39:25.0262 0x17a4  adp94xx - ok
12:39:25.0270 0x17a4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:39:25.0278 0x17a4  adpahci - ok
12:39:25.0283 0x17a4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:39:25.0289 0x17a4  adpu320 - ok
12:39:25.0293 0x17a4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:39:25.0300 0x17a4  AeLookupSvc - ok
12:39:25.0307 0x17a4  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
12:39:25.0318 0x17a4  afcdp - ok
12:39:25.0375 0x17a4  [ 3625E0DEAE06134C3B6FD4CC90329912, B2DD2931C9CD6B6C1D8BB26D78ABD095723EBEA82B2DF26DB99605B3E106CD10 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
12:39:25.0430 0x17a4  afcdpsrv - ok
12:39:25.0441 0x17a4  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
12:39:25.0454 0x17a4  AFD - ok
12:39:25.0457 0x17a4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
12:39:25.0462 0x17a4  agp440 - ok
12:39:25.0464 0x17a4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:39:25.0473 0x17a4  ALG - ok
12:39:25.0476 0x17a4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:39:25.0480 0x17a4  aliide - ok
12:39:25.0492 0x17a4  ALSysIO - ok
12:39:25.0498 0x17a4  [ 128E410A4935CAF039B8B2566B9CDEC3, F688154E9A3109E796F49D911C003223C5A4436FB4FF976C3C1216DA728A4CD3 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:39:25.0508 0x17a4  AMD External Events Utility - ok
12:39:25.0514 0x17a4  [ DEFDB9543F04FFEB060A02EC631315C0, 11848CA1AC5BB085EDBE68AFF8A690B2ADCE1F8637186ECEE5FF395E2E7DE3CF ] amdacpksd       C:\Windows\system32\drivers\amdacpksd.sys
12:39:25.0523 0x17a4  amdacpksd - ok
12:39:25.0528 0x17a4  [ 7F7FD795017E887CD460D94C64FF5E15, AF9D06B1DB07CD6CF59508C1CEBF607BDCEA071545B11CFE0F763149F767AFBD ] amdacpusrsvc    C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
12:39:25.0531 0x17a4  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
12:39:25.0788 0x17a4  Detect skipped due to KSN trusted
12:39:25.0788 0x17a4  amdacpusrsvc - ok
12:39:25.0790 0x17a4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:39:25.0795 0x17a4  amdide - ok
12:39:25.0798 0x17a4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
12:39:25.0804 0x17a4  AmdK8 - ok
12:39:25.0806 0x17a4  amdkmdag - ok
12:39:25.0815 0x17a4  [ E23D39E82905A7587C4AFF2D31A18456, E9F7DBB09D2292379E0AE15B07EBCB386088E469EBC53790053D2948DBA405B7 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
12:39:25.0828 0x17a4  amdkmdap - ok
12:39:25.0831 0x17a4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:39:25.0837 0x17a4  AmdPPM - ok
12:39:25.0841 0x17a4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:39:25.0847 0x17a4  amdsata - ok
12:39:25.0851 0x17a4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:39:25.0859 0x17a4  amdsbs - ok
12:39:25.0861 0x17a4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:39:25.0866 0x17a4  amdxata - ok
12:39:25.0869 0x17a4  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
12:39:25.0877 0x17a4  AppID - ok
12:39:25.0879 0x17a4  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:39:25.0885 0x17a4  AppIDSvc - ok
12:39:25.0888 0x17a4  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
12:39:25.0895 0x17a4  Appinfo - ok
12:39:28.0231 0x17a4  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
12:39:28.0234 0x17a4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
12:39:28.0491 0x17a4  Detect skipped due to KSN trusted
12:39:28.0492 0x17a4  IDriverT - ok
12:39:28.0737 0x17a4  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:39:28.0749 0x17a4  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
12:39:29.0006 0x17a4  Detect skipped due to KSN trusted
12:39:29.0006 0x17a4  Intel(R) Capability Licensing Service Interface - ok
12:39:29.0658 0x17a4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:39:29.0666 0x17a4  MegaSR - ok
12:39:29.0670 0x17a4  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
12:39:29.0675 0x17a4  MEIx64 - ok
12:39:29.0678 0x17a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:39:29.0697 0x17a4  MMCSS - ok
12:39:29.0700 0x17a4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:39:29.0719 0x17a4  Modem - ok
12:39:29.0721 0x17a4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:39:29.0729 0x17a4  monitor - ok
12:39:29.0731 0x17a4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:39:29.0736 0x17a4  mouclass - ok
12:39:29.0739 0x17a4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:39:29.0744 0x17a4  mouhid - ok
12:39:29.0747 0x17a4  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:39:29.0752 0x17a4  mountmgr - ok
12:39:29.0756 0x17a4  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:39:29.0763 0x17a4  MozillaMaintenance - ok
12:39:29.0767 0x17a4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:39:29.0773 0x17a4  mpio - ok
12:39:29.0776 0x17a4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:39:29.0794 0x17a4  mpsdrv - ok
12:39:29.0808 0x17a4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:39:29.0836 0x17a4  MpsSvc - ok
12:39:29.0841 0x17a4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:39:29.0848 0x17a4  MRxDAV - ok
12:39:29.0852 0x17a4  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:39:29.0861 0x17a4  mrxsmb - ok
12:39:29.0868 0x17a4  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:39:29.0877 0x17a4  mrxsmb10 - ok
12:39:29.0880 0x17a4  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:39:29.0887 0x17a4  mrxsmb20 - ok
12:39:29.0889 0x17a4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:39:29.0894 0x17a4  msahci - ok
12:39:29.0897 0x17a4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:39:29.0903 0x17a4  msdsm - ok
12:39:29.0907 0x17a4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:39:29.0915 0x17a4  MSDTC - ok
12:39:29.0919 0x17a4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:39:29.0937 0x17a4  Msfs - ok
12:39:29.0939 0x17a4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:39:29.0957 0x17a4  mshidkmdf - ok
12:39:29.0959 0x17a4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:39:29.0964 0x17a4  msisadrv - ok
12:39:29.0968 0x17a4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:39:29.0988 0x17a4  MSiSCSI - ok
12:39:29.0990 0x17a4  msiserver - ok
12:39:29.0991 0x17a4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:39:30.0009 0x17a4  MSKSSRV - ok
12:39:30.0011 0x17a4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:39:30.0029 0x17a4  MSPCLOCK - ok
12:39:30.0031 0x17a4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:39:30.0049 0x17a4  MSPQM - ok
12:39:30.0057 0x17a4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:39:30.0066 0x17a4  MsRPC - ok
12:39:30.0069 0x17a4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:39:30.0074 0x17a4  mssmbios - ok
12:39:30.0077 0x17a4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:39:30.0095 0x17a4  MSTEE - ok
12:39:30.0097 0x17a4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:39:30.0103 0x17a4  MTConfig - ok
12:39:30.0105 0x17a4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:39:30.0110 0x17a4  Mup - ok
12:39:30.0119 0x17a4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:39:30.0143 0x17a4  napagent - ok
12:39:30.0149 0x17a4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:39:30.0161 0x17a4  NativeWifiP - ok
12:39:30.0177 0x17a4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:39:30.0194 0x17a4  NDIS - ok
12:39:30.0197 0x17a4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:39:30.0214 0x17a4  NdisCap - ok
12:39:30.0217 0x17a4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:39:30.0235 0x17a4  NdisTapi - ok
12:39:30.0238 0x17a4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:39:30.0255 0x17a4  Ndisuio - ok
12:39:30.0259 0x17a4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:39:30.0278 0x17a4  NdisWan - ok
12:39:30.0281 0x17a4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:39:30.0298 0x17a4  NDProxy - ok
12:39:30.0301 0x17a4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:39:30.0318 0x17a4  NetBIOS - ok
12:39:30.0324 0x17a4  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:39:30.0333 0x17a4  NetBT - ok
12:39:30.0335 0x17a4  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
12:39:30.0341 0x17a4  Netlogon - ok
12:39:30.0348 0x17a4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:39:30.0371 0x17a4  Netman - ok
12:39:30.0379 0x17a4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:39:30.0386 0x17a4  NetMsmqActivator - ok
12:39:30.0389 0x17a4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:39:30.0395 0x17a4  NetPipeActivator - ok
12:39:30.0404 0x17a4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:39:30.0429 0x17a4  netprofm - ok
12:39:30.0433 0x17a4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:39:30.0440 0x17a4  NetTcpActivator - ok
12:39:30.0443 0x17a4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:39:30.0449 0x17a4  NetTcpPortSharing - ok
12:39:30.0452 0x17a4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:39:30.0457 0x17a4  nfrd960 - ok
12:39:30.0463 0x17a4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:39:30.0473 0x17a4  NlaSvc - ok
12:39:30.0476 0x17a4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:39:30.0494 0x17a4  Npfs - ok
12:39:30.0496 0x17a4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:39:30.0515 0x17a4  nsi - ok
12:39:30.0517 0x17a4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:39:30.0535 0x17a4  nsiproxy - ok
12:39:30.0561 0x17a4  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:39:30.0589 0x17a4  Ntfs - ok
12:39:30.0592 0x17a4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:39:30.0610 0x17a4  Null - ok
12:39:30.0615 0x17a4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:39:30.0621 0x17a4  nvraid - ok
12:39:30.0625 0x17a4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:39:30.0632 0x17a4  nvstor - ok
12:39:30.0635 0x17a4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:39:30.0641 0x17a4  nv_agp - ok
12:39:30.0644 0x17a4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:39:30.0649 0x17a4  ohci1394 - ok
12:39:30.0652 0x17a4  [ 4DE56CE5F4F191C6F040B6C8AA776794, 19E61A561AEE7B49C6B0915EE0FA66047930D46B5FF233608F368A5FF824A156 ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
12:39:30.0656 0x17a4  OpenVPNService - ok
12:39:30.0792 0x17a4  [ 7D331DD034C85FB18DDF028F744FA37B, BF6ADD7AF05732340831CA7DE766B5C93323A190107F7570E2130398846F4430 ] Origin Client Service E:\Programme\Origin\OriginClientService.exe
12:39:30.0825 0x17a4  Origin Client Service - ok
12:39:30.0893 0x17a4  [ 2B099DEBCFCBE33036406739F94C529C, DBBACA632F39530F81D3AC28A350CAE49972156149835197053B8D61E00D8CEA ] Origin Web Helper Service E:\Programme\Origin\OriginWebHelperService.exe
12:39:30.0926 0x17a4  Origin Web Helper Service - ok
12:39:30.0934 0x17a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:39:30.0944 0x17a4  p2pimsvc - ok
12:39:30.0952 0x17a4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:39:30.0964 0x17a4  p2psvc - ok
12:39:30.0967 0x17a4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:39:30.0974 0x17a4  Parport - ok
12:39:30.0977 0x17a4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:39:30.0982 0x17a4  partmgr - ok
12:39:30.0986 0x17a4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:39:30.0995 0x17a4  PcaSvc - ok
12:39:30.0999 0x17a4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:39:31.0006 0x17a4  pci - ok
12:39:31.0008 0x17a4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:39:31.0012 0x17a4  pciide - ok
12:39:31.0017 0x17a4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:39:31.0025 0x17a4  pcmcia - ok
12:39:31.0027 0x17a4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:39:31.0032 0x17a4  pcw - ok
12:39:31.0043 0x17a4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:39:31.0058 0x17a4  PEAUTH - ok
12:39:31.0080 0x17a4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:39:31.0105 0x17a4  PeerDistSvc - ok
12:39:31.0128 0x17a4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:39:31.0135 0x17a4  PerfHost - ok
12:39:31.0158 0x17a4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:39:31.0195 0x17a4  pla - ok
12:39:31.0204 0x17a4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:39:31.0215 0x17a4  PlugPlay - ok
12:39:31.0218 0x17a4  PnkBstrA - ok
12:39:31.0220 0x17a4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:39:31.0226 0x17a4  PNRPAutoReg - ok
12:39:31.0232 0x17a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:39:31.0242 0x17a4  PNRPsvc - ok
12:39:31.0252 0x17a4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:39:31.0265 0x17a4  PolicyAgent - ok
12:39:31.0270 0x17a4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:39:31.0291 0x17a4  Power - ok
12:39:31.0295 0x17a4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:39:31.0313 0x17a4  PptpMiniport - ok
12:39:31.0316 0x17a4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:39:31.0322 0x17a4  Processor - ok
12:39:31.0327 0x17a4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:39:31.0336 0x17a4  ProfSvc - ok
12:39:31.0338 0x17a4  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
12:39:31.0344 0x17a4  ProtectedStorage - ok
12:39:31.0347 0x17a4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:39:31.0366 0x17a4  Psched - ok
12:39:31.0389 0x17a4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:39:31.0413 0x17a4  ql2300 - ok
12:39:31.0418 0x17a4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:39:31.0423 0x17a4  ql40xx - ok
12:39:31.0429 0x17a4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:39:31.0440 0x17a4  QWAVE - ok
12:39:31.0443 0x17a4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:39:31.0452 0x17a4  QWAVEdrv - ok
12:39:31.0454 0x17a4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:39:31.0471 0x17a4  RasAcd - ok
12:39:31.0474 0x17a4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:39:31.0491 0x17a4  RasAgileVpn - ok
12:39:31.0495 0x17a4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:39:31.0514 0x17a4  RasAuto - ok
12:39:31.0518 0x17a4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:39:31.0536 0x17a4  Rasl2tp - ok
12:39:31.0543 0x17a4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:39:31.0564 0x17a4  RasMan - ok
12:39:31.0568 0x17a4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:39:31.0586 0x17a4  RasPppoe - ok
12:39:31.0589 0x17a4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:39:31.0607 0x17a4  RasSstp - ok
12:39:31.0613 0x17a4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:39:31.0633 0x17a4  rdbss - ok
12:39:31.0635 0x17a4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:39:31.0642 0x17a4  rdpbus - ok
12:39:31.0644 0x17a4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:39:31.0660 0x17a4  RDPCDD - ok
12:39:31.0665 0x17a4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:39:31.0673 0x17a4  RDPDR - ok
12:39:31.0675 0x17a4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:39:31.0692 0x17a4  RDPENCDD - ok
12:39:31.0695 0x17a4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:39:31.0712 0x17a4  RDPREFMP - ok
12:39:31.0716 0x17a4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:39:31.0722 0x17a4  RdpVideoMiniport - ok
12:39:31.0727 0x17a4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:39:31.0736 0x17a4  RDPWD - ok
12:39:31.0741 0x17a4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:39:31.0749 0x17a4  rdyboost - ok
12:39:31.0753 0x17a4  [ EA569D48B2E755AF6D96F03F3335D98A, EED2DCDF187A69F36A38129C8A1E0D6FE0EBF9232DEAF68A116E9A26E40AB636 ] Realtek11nCU    C:\Program Files (x86)\Edimax\11n USB Wireless LAN Utility\RtlService.exe
12:39:31.0755 0x17a4  Realtek11nCU - detected UnsignedFile.Multi.Generic ( 1 )
12:39:32.0045 0x17a4  Detect skipped due to KSN trusted
12:39:32.0045 0x17a4  Realtek11nCU - ok
12:39:32.0049 0x17a4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:39:32.0069 0x17a4  RemoteAccess - ok
12:39:32.0073 0x17a4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:39:32.0095 0x17a4  RemoteRegistry - ok
12:39:32.0098 0x17a4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:39:32.0117 0x17a4  RpcEptMapper - ok
12:39:32.0119 0x17a4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:39:32.0125 0x17a4  RpcLocator - ok
12:39:32.0134 0x17a4  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
12:39:32.0146 0x17a4  RpcSs - ok
12:39:32.0150 0x17a4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:39:32.0168 0x17a4  rspndr - ok
12:39:32.0181 0x17a4  [ 2BE8E7D6DF63183100F15B27B82EE2ED, CEF98489F7A36F06FF2961CA852386F6E7160BF2F31F12E578D778BE61D56BD6 ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
12:39:32.0195 0x17a4  RTL8192cu - ok
12:39:32.0198 0x17a4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:39:32.0203 0x17a4  s3cap - ok
12:39:32.0206 0x17a4  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
12:39:32.0213 0x17a4  SamSs - ok
12:39:32.0217 0x17a4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:39:32.0223 0x17a4  sbp2port - ok
12:39:32.0227 0x17a4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:39:32.0248 0x17a4  SCardSvr - ok
12:39:32.0250 0x17a4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:39:32.0268 0x17a4  scfilter - ok
12:39:32.0286 0x17a4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
12:39:32.0307 0x17a4  Schedule - ok
12:39:32.0311 0x17a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:39:32.0328 0x17a4  SCPolicySvc - ok
12:39:32.0332 0x17a4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:39:32.0341 0x17a4  SDRSVC - ok
12:39:32.0343 0x17a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:39:32.0349 0x17a4  secdrv - ok
12:39:32.0352 0x17a4  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
12:39:32.0358 0x17a4  seclogon - ok
12:39:32.0361 0x17a4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
12:39:32.0380 0x17a4  SENS - ok
12:39:32.0383 0x17a4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:39:32.0390 0x17a4  SensrSvc - ok
12:39:32.0393 0x17a4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:39:32.0399 0x17a4  Serenum - ok
12:39:32.0401 0x17a4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:39:32.0409 0x17a4  Serial - ok
12:39:32.0411 0x17a4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:39:32.0417 0x17a4  sermouse - ok
12:39:32.0423 0x17a4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
12:39:32.0443 0x17a4  SessionEnv - ok
12:39:32.0446 0x17a4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:39:32.0452 0x17a4  sffdisk - ok
12:39:32.0455 0x17a4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:39:32.0462 0x17a4  sffp_mmc - ok
12:39:32.0464 0x17a4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:39:32.0471 0x17a4  sffp_sd - ok
12:39:32.0473 0x17a4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:39:32.0478 0x17a4  sfloppy - ok
12:39:32.0485 0x17a4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:39:32.0507 0x17a4  SharedAccess - ok
12:39:32.0515 0x17a4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:39:32.0538 0x17a4  ShellHWDetection - ok
12:39:32.0541 0x17a4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:39:32.0546 0x17a4  SiSRaid2 - ok
12:39:32.0548 0x17a4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:39:32.0554 0x17a4  SiSRaid4 - ok
12:39:32.0557 0x17a4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:39:32.0577 0x17a4  Smb - ok
12:39:32.0583 0x17a4  [ E3E56CAF0472163871B922FC7CBC9654, 1D7208519DB904E1B27F8D5214CA219BD52AB8C1AB64F22F8959DC4E8955AD37 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
12:39:32.0591 0x17a4  snapman - ok
12:39:32.0593 0x17a4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:39:32.0600 0x17a4  SNMPTRAP - ok
12:39:32.0605 0x17a4  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
12:39:32.0611 0x17a4  Sony PC Companion - ok
12:39:32.0613 0x17a4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:39:32.0617 0x17a4  spldr - ok
12:39:32.0628 0x17a4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
12:39:32.0641 0x17a4  Spooler - ok
12:39:32.0695 0x17a4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
12:39:32.0762 0x17a4  sppsvc - ok
12:39:32.0767 0x17a4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:39:32.0789 0x17a4  sppuinotify - ok
12:39:32.0805 0x17a4  [ 9AB59CF736981ED1F83C6AB5FAA8BA5C, 997F3134B5CE3FD73E88E4823FE94D1D0FFA8BE05A35F9982C49A7ED84385A76 ] sptd            C:\Windows\system32\Drivers\sptd.sys
12:39:32.0821 0x17a4  sptd - ok
12:39:32.0830 0x17a4  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:39:32.0841 0x17a4  srv - ok
12:39:32.0849 0x17a4  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:39:32.0858 0x17a4  srv2 - ok
12:39:32.0863 0x17a4  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:39:32.0869 0x17a4  srvnet - ok
12:39:32.0874 0x17a4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:39:32.0895 0x17a4  SSDPSRV - ok
12:39:32.0899 0x17a4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:39:32.0918 0x17a4  SstpSvc - ok
12:39:32.0941 0x17a4  [ 596DC69BB40A96FCA4B19D9D1E221E34, 3469D3B2E9A88E39C14AE2E3DD5EC3D91FBB88CA568D794555B397B50E64AB15 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:39:32.0965 0x17a4  Steam Client Service - ok
12:39:32.0969 0x17a4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:39:32.0973 0x17a4  stexstor - ok
12:39:32.0983 0x17a4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
12:39:33.0000 0x17a4  stisvc - ok
12:39:33.0004 0x17a4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:39:33.0008 0x17a4  storflt - ok
12:39:33.0011 0x17a4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:39:33.0015 0x17a4  storvsc - ok
12:39:33.0017 0x17a4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:39:33.0022 0x17a4  swenum - ok
12:39:33.0030 0x17a4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:39:33.0056 0x17a4  swprv - ok
12:39:33.0161 0x17a4  [ 062404ED60707B116EDD3E52836AE664, 846E1BF6FA3E8C6484438305901DC9AD867743104A07F67502F5F3A7195CAED7 ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
12:39:33.0265 0x17a4  syncagentsrv - ok
12:39:33.0273 0x17a4  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
12:39:33.0278 0x17a4  Synth3dVsc - ok
12:39:33.0305 0x17a4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
12:39:33.0336 0x17a4  SysMain - ok
12:39:33.0340 0x17a4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:39:33.0350 0x17a4  TabletInputService - ok
12:39:33.0353 0x17a4  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
12:39:33.0358 0x17a4  tap0901 - ok
12:39:33.0364 0x17a4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:39:33.0386 0x17a4  TapiSrv - ok
12:39:33.0416 0x17a4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:39:33.0447 0x17a4  Tcpip - ok
12:39:33.0477 0x17a4  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:39:33.0508 0x17a4  TCPIP6 - ok
12:39:33.0512 0x17a4  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:39:33.0518 0x17a4  tcpipreg - ok
12:39:33.0521 0x17a4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:39:33.0525 0x17a4  TDPIPE - ok
12:39:33.0548 0x17a4  [ AC28A6FCA485821499FF018695CEDE16, 8BA6086EB1831FDEDB9E195EA7D5F2FE2B0944E4E0B0CDB41CD06971F7DAC805 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
12:39:33.0573 0x17a4  tdrpman - ok
12:39:33.0577 0x17a4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:39:33.0581 0x17a4  TDTCP - ok
12:39:33.0584 0x17a4  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:39:33.0590 0x17a4  tdx - ok
12:39:33.0709 0x17a4  [ 8EA86BC14E5AE25E4DA5C742587FB1A4, F95A56D5C651596AFDF0B794F4F2920CE5193333CE96D26D9A6645E6417ABA47 ] TeamViewer9     E:\Programme\Team Viewer 9\TeamViewer_Service.exe
12:39:33.0781 0x17a4  TeamViewer9 - ok
12:39:33.0787 0x17a4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:39:33.0792 0x17a4  TermDD - ok
12:39:33.0795 0x17a4  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
12:39:33.0800 0x17a4  terminpt - ok
12:39:33.0812 0x17a4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
12:39:33.0827 0x17a4  TermService - ok
12:39:33.0830 0x17a4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:39:33.0839 0x17a4  Themes - ok
12:39:33.0842 0x17a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:39:33.0861 0x17a4  THREADORDER - ok
12:39:33.0878 0x17a4  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
12:39:33.0898 0x17a4  tib - ok
12:39:33.0904 0x17a4  [ 8C750FE6DE38AF13506B99EC2F519F79, 232D18416E9DE3A676C625280CF172ED180B5AF98C69E5B24CC780D480549E35 ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
12:39:33.0911 0x17a4  tib_mounter - ok
12:39:33.0916 0x17a4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:39:33.0935 0x17a4  TrkWks - ok
12:39:33.0940 0x17a4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:39:33.0959 0x17a4  TrustedInstaller - ok
12:39:33.0962 0x17a4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:39:33.0967 0x17a4  tssecsrv - ok
12:39:33.0969 0x17a4  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:39:33.0975 0x17a4  TsUsbFlt - ok
12:39:33.0977 0x17a4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:39:33.0982 0x17a4  TsUsbGD - ok
12:39:33.0986 0x17a4  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
12:39:33.0992 0x17a4  tsusbhub - ok
12:39:33.0996 0x17a4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:39:34.0014 0x17a4  tunnel - ok
12:39:34.0017 0x17a4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:39:34.0022 0x17a4  uagp35 - ok
12:39:34.0029 0x17a4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:39:34.0051 0x17a4  udfs - ok
12:39:34.0055 0x17a4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:39:34.0062 0x17a4  UI0Detect - ok
12:39:34.0064 0x17a4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:39:34.0070 0x17a4  uliagpkx - ok
12:39:34.0072 0x17a4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:39:34.0078 0x17a4  umbus - ok
12:39:34.0079 0x17a4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:39:34.0084 0x17a4  UmPass - ok
12:39:34.0089 0x17a4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:39:34.0098 0x17a4  UmRdpService - ok
12:39:34.0105 0x17a4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:39:34.0129 0x17a4  upnphost - ok
12:39:34.0132 0x17a4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
12:39:34.0138 0x17a4  usbaudio - ok
12:39:34.0141 0x17a4  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:39:34.0148 0x17a4  usbccgp - ok
12:39:34.0151 0x17a4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:39:34.0157 0x17a4  usbcir - ok
12:39:34.0160 0x17a4  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
12:39:34.0166 0x17a4  usbehci - ok
12:39:34.0172 0x17a4  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
12:39:34.0181 0x17a4  usbhub - ok
12:39:34.0184 0x17a4  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
12:39:34.0189 0x17a4  usbohci - ok
12:39:34.0192 0x17a4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:39:34.0198 0x17a4  usbprint - ok
12:39:34.0202 0x17a4  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:39:34.0209 0x17a4  USBSTOR - ok
12:39:34.0211 0x17a4  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
12:39:34.0217 0x17a4  usbuhci - ok
12:39:34.0219 0x17a4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:39:34.0240 0x17a4  UxSms - ok
12:39:34.0242 0x17a4  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
12:39:34.0248 0x17a4  VaultSvc - ok
12:39:34.0250 0x17a4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:39:34.0256 0x17a4  vdrvroot - ok
12:39:34.0265 0x17a4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
12:39:34.0290 0x17a4  vds - ok
12:39:34.0293 0x17a4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:39:34.0300 0x17a4  vga - ok
12:39:34.0302 0x17a4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:39:34.0319 0x17a4  VgaSave - ok
12:39:34.0321 0x17a4  VGPU - ok
12:39:34.0325 0x17a4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:39:34.0332 0x17a4  vhdmp - ok
12:39:34.0335 0x17a4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:39:34.0339 0x17a4  viaide - ok
12:39:34.0343 0x17a4  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
12:39:34.0350 0x17a4  vididr - ok
12:39:34.0354 0x17a4  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
12:39:34.0360 0x17a4  vidsflt - ok
12:39:34.0365 0x17a4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:39:34.0372 0x17a4  vmbus - ok
12:39:34.0374 0x17a4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:39:34.0379 0x17a4  VMBusHID - ok
12:39:34.0382 0x17a4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:39:34.0387 0x17a4  volmgr - ok
12:39:34.0393 0x17a4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:39:34.0402 0x17a4  volmgrx - ok
12:39:34.0409 0x17a4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:39:34.0417 0x17a4  volsnap - ok
12:39:34.0421 0x17a4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:39:34.0428 0x17a4  vsmraid - ok
12:39:34.0453 0x17a4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
12:39:34.0496 0x17a4  VSS - ok
12:39:34.0502 0x17a4  [ BE6C456AE7620B86A7273CBD11A3D450, DEBBB12CB9771722D8258FDF9ECC4ED035BD7090371A975928D11F6B9EDC0C59 ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
12:39:34.0509 0x17a4  VSStandardCollectorService140 - ok
12:39:34.0511 0x17a4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:39:34.0518 0x17a4  vwifibus - ok
12:39:34.0520 0x17a4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:39:34.0529 0x17a4  vwififlt - ok
12:39:34.0536 0x17a4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:39:34.0561 0x17a4  W32Time - ok
12:39:34.0564 0x17a4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:39:34.0570 0x17a4  WacomPen - ok
12:39:34.0573 0x17a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:39:34.0591 0x17a4  WANARP - ok
12:39:34.0593 0x17a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:39:34.0611 0x17a4  Wanarpv6 - ok
12:39:34.0631 0x17a4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:39:34.0652 0x17a4  WatAdminSvc - ok
12:39:34.0676 0x17a4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
12:39:34.0703 0x17a4  wbengine - ok
12:39:34.0709 0x17a4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:39:34.0720 0x17a4  WbioSrvc - ok
12:39:34.0727 0x17a4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:39:34.0742 0x17a4  wcncsvc - ok
12:39:34.0744 0x17a4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:39:34.0751 0x17a4  WcsPlugInService - ok
12:39:34.0754 0x17a4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
12:39:34.0758 0x17a4  Wd - ok
12:39:34.0771 0x17a4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:39:34.0787 0x17a4  Wdf01000 - ok
12:39:34.0791 0x17a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:39:34.0798 0x17a4  WdiServiceHost - ok
12:39:34.0800 0x17a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:39:34.0808 0x17a4  WdiSystemHost - ok
12:39:34.0813 0x17a4  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
12:39:34.0823 0x17a4  WebClient - ok
12:39:34.0829 0x17a4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:39:34.0850 0x17a4  Wecsvc - ok
12:39:34.0853 0x17a4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:39:34.0874 0x17a4  wercplsupport - ok
12:39:34.0877 0x17a4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:39:34.0897 0x17a4  WerSvc - ok
12:39:34.0899 0x17a4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:39:34.0918 0x17a4  WfpLwf - ok
12:39:34.0920 0x17a4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:39:34.0925 0x17a4  WIMMount - ok
12:39:34.0926 0x17a4  WinDefend - ok
12:39:34.0929 0x17a4  WinHttpAutoProxySvc - ok
12:39:34.0938 0x17a4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:39:34.0959 0x17a4  Winmgmt - ok
12:39:34.0971 0x17a4  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\Moritz\AppData\Local\Temp\tmpBA0B.tmp
12:39:34.0976 0x17a4  WinRing0_1_2_0 - ok
12:39:35.0006 0x17a4  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:39:35.0039 0x17a4  WinRM - ok
12:39:35.0044 0x17a4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
12:39:35.0052 0x17a4  WinUsb - ok
12:39:35.0066 0x17a4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:39:35.0087 0x17a4  Wlansvc - ok
12:39:35.0123 0x17a4  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:39:35.0159 0x17a4  wlidsvc - ok
12:39:35.0163 0x17a4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
12:39:35.0168 0x17a4  WmiAcpi - ok
12:39:35.0174 0x17a4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:39:35.0181 0x17a4  wmiApSrv - ok
12:39:35.0183 0x17a4  WMPNetworkSvc - ok
12:39:35.0185 0x17a4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:39:35.0191 0x17a4  WPCSvc - ok
12:39:35.0195 0x17a4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:39:35.0202 0x17a4  WPDBusEnum - ok
12:39:35.0205 0x17a4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:39:35.0222 0x17a4  ws2ifsl - ok
12:39:35.0226 0x17a4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
12:39:35.0236 0x17a4  wscsvc - ok
12:39:35.0238 0x17a4  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
12:39:35.0245 0x17a4  WSDPrintDevice - ok
12:39:35.0247 0x17a4  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
12:39:35.0252 0x17a4  WSDScan - ok
12:39:35.0254 0x17a4  WSearch - ok
12:39:35.0295 0x17a4  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:39:35.0336 0x17a4  wuauserv - ok
12:39:35.0341 0x17a4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:39:35.0347 0x17a4  WudfPf - ok
12:39:35.0352 0x17a4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:39:35.0360 0x17a4  WUDFRd - ok
12:39:35.0363 0x17a4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:39:35.0370 0x17a4  wudfsvc - ok
12:39:35.0376 0x17a4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:39:35.0384 0x17a4  WwanSvc - ok
12:39:35.0388 0x17a4  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
12:39:35.0394 0x17a4  xusb21 - ok
12:39:35.0397 0x17a4  ================ Scan global ===============================
12:39:35.0399 0x17a4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
12:39:35.0405 0x17a4  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
12:39:35.0412 0x17a4  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
12:39:35.0418 0x17a4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:39:35.0425 0x17a4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:39:35.0430 0x17a4  [ Global ] - ok
12:39:35.0430 0x17a4  ================ Scan MBR ==================================
12:39:35.0448 0x17a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:39:35.0540 0x17a4  \Device\Harddisk1\DR1 - ok
12:39:35.0541 0x17a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:39:35.0621 0x17a4  \Device\Harddisk0\DR0 - ok
12:39:35.0623 0x17a4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
12:39:35.0710 0x17a4  \Device\Harddisk2\DR2 - ok
12:39:35.0711 0x17a4  ================ Scan VBR ==================================
12:39:35.0712 0x17a4  [ 5D23D8AA856C245B3F0EEDBCCED02212 ] \Device\Harddisk1\DR1\Partition1
12:39:35.0713 0x17a4  \Device\Harddisk1\DR1\Partition1 - ok
12:39:35.0714 0x17a4  [ E4D1D2EAD36901D9233A070316E5B491 ] \Device\Harddisk0\DR0\Partition1
12:39:35.0715 0x17a4  \Device\Harddisk0\DR0\Partition1 - ok
12:39:35.0716 0x17a4  [ 019409E518D7611233B9FD2C64C39F86 ] \Device\Harddisk0\DR0\Partition2
12:39:35.0717 0x17a4  \Device\Harddisk0\DR0\Partition2 - ok
12:39:35.0719 0x17a4  [ AA8C651406C6BEA6E0B73760F1DBA14C ] \Device\Harddisk2\DR2\Partition1
12:39:35.0721 0x17a4  \Device\Harddisk2\DR2\Partition1 - ok
12:39:35.0721 0x17a4  ================ Scan generic autorun ======================
12:39:35.0730 0x17a4  [ C37341BBB89067D4CCAC7FA799F78BB6, B13B066376B03FA150B53E37FE39DAC4CC82AC66D433C1BB44276235EC0E79E8 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
12:39:35.0740 0x17a4  Acronis Scheduler2 Service - ok
12:39:35.0763 0x17a4  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
12:39:35.0769 0x17a4  Cmaudio8788 - ok
12:39:35.0774 0x17a4  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe
12:39:35.0778 0x17a4  Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 )
12:39:36.0035 0x17a4  Detect skipped due to KSN trusted
12:39:36.0035 0x17a4  Cmaudio8788GX - ok
12:39:36.0040 0x17a4  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe
12:39:36.0046 0x17a4  Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 )
12:39:36.0303 0x17a4  Detect skipped due to KSN trusted
12:39:36.0303 0x17a4  Cmaudio8788GX64 - ok
12:39:36.0500 0x17a4  [ 324B8DDDF70D28B7A767E0608256DF36, 2FA4AA3F5E6D9C16A50F986027708AF657ADE9AE2A286E4F7686A1DF510FC2C1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:39:36.0684 0x17a4  RTHDVCPL - ok
12:39:36.0697 0x17a4  [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
12:39:36.0705 0x17a4  USB3MON - ok
12:39:36.0705 0x17a4  Func KB-460 - ok
12:39:36.0795 0x17a4  [ F0C14288A8CBB4919919063F7B781483, 23BD6592035FAB1B222B151134D2504AC013F93768EAB91DF39EE9439AB11F4F ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
12:39:36.0882 0x17a4  TrueImageMonitor.exe - ok
12:39:36.0903 0x17a4  [ 3CEF82F01A4E5071D60CF45264FC50EB, 3E30C49E6B43EF901DBED56A18B88BE5741A8B9576587891BDED6C7174AC5859 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
12:39:36.0921 0x17a4  AcronisTibMounterMonitor - ok
12:39:36.0925 0x17a4  [ 1907517A11D41C24BD3A8F9137E334B7, 18AC567D9F1284B5CF60D5E98759D691E1BB1DE2637E55CEBEE88C1B68C10CD9 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
12:39:36.0931 0x17a4  IMSS - ok
12:39:36.0940 0x17a4  [ FE6E7F52D875E49A8DA4597675A38D9C, A116BDBD72AA9E21E2F5EE10E62B0FD530C66AD151B2C3CBA9AC77C7FCDE3ACB ] C:\Program Files (x86)\ROCCAT\Kone Pure Optical Mouse\KonePureOpticalMonitor.exe
12:39:36.0950 0x17a4  RoccatKonePureOptical - detected UnsignedFile.Multi.Generic ( 1 )
12:39:37.0247 0x17a4  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - warning
12:39:37.0378 0x17a4  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
12:39:37.0390 0x17a4  SunJavaUpdateSched - ok
12:39:37.0413 0x17a4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:39:37.0441 0x17a4  Sidebar - ok
12:39:37.0454 0x17a4  [ 6ECE746BB283927604DA192CA0D1403D, 327E1E908B6DB1C8414B31DB277EF5EABA340B2EE7FEE19349860B3C8F7778FE ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE
12:39:37.0462 0x17a4  EPLTarget\P0000000000000000 - ok
12:39:37.0573 0x17a4  [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
12:39:37.0676 0x17a4  CCleaner Monitoring - ok
12:39:37.0680 0x17a4  HydraVisionDesktopManager - ok
12:39:37.0689 0x17a4  [ 6ECE746BB283927604DA192CA0D1403D, 327E1E908B6DB1C8414B31DB277EF5EABA340B2EE7FEE19349860B3C8F7778FE ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE
12:39:37.0696 0x17a4  EPLTarget\P0000000000000000 - ok
12:39:37.0719 0x17a4  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:39:37.0744 0x17a4  Sidebar - ok
12:39:37.0854 0x17a4  [ F679E30A5F7CE39F7FA134E61BD2D6D3, 84BD25FFF9C47AC5A00E225DCF03D82A79FE036E3B553D2D81254F2F1FC120A1 ] C:\Program Files\CCleaner\CCleaner64.exe
12:39:37.0956 0x17a4  CCleaner Monitoring - ok
12:39:37.0961 0x17a4  Waiting for KSN requests completion. In queue: 151
12:39:38.0968 0x17a4  Win FW state via NFP2: enabled ( trusted )
12:39:39.0048 0x17a4  ============================================================
12:39:39.0048 0x17a4  Scan finished
12:39:39.0048 0x17a4  ============================================================
12:39:39.0051 0x03cc  Detected object count: 1
12:39:39.0051 0x03cc  Actual detected object count: 1
12:40:37.0374 0x03cc  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - skipped by user
12:40:37.0374 0x03cc  RoccatKonePureOptical ( UnsignedFile.Multi.Generic ) - User select action: Skip 
12:40:43.0611 0x03a0  Deinitialize success
         

20.02.2017, 13:04   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please post the correct MBAR log.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

20.02.2017, 13:16   #12
Jens85



Oops, here is the correct one:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.20.03
  rootkit: v2017.02.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Moritz :: MORITZ2-PC [administrator]

20.02.2017 12:24:02
mbar-log-2017-02-20 (12-24-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 394366
Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Moritz\AppData\Local\Temp\_avast_\unp16039750.tmp\13.exe (HackTool.WinActivator) -> Delete on reboot. [959e92133a6e4cea9ed007b96799639d]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Second run:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.02.20.03
  rootkit: v2017.02.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Moritz :: MORITZ2-PC [administrator]

20.02.2017 12:32:17
mbar-log-2017-02-20 (12-32-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 394149
Time elapsed: 5 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

20.02.2017, 13:49   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Quote:
13.exe (HackTool.WinActivator)
Sorry, but you obviously have a cracked Windows installed from a dubious source.

Normally we continue with the cleanup once the person seeking help has uninstalled the cracked stuff. But when the OS itself is cracked, it becomes pointless.

Get yourself a legal copy of Windows. Then I'll gladly help with the reinstallation. Best go straight to Windows 10.

20.02.2017, 18:01   #14
Jens85



There was once a cracked Windows installed, that's true. But I removed the crack and activated Windows with a legal key. I can assure you of that and, if you want, also show you the invoice. That was over a year ago, though.
I don't know why there are apparently still remnants present.
Are there any other signs of an infection?

If you still don't want to help me further, can you tell me whether I can then simply delete the tools?

Sorry, but is this going to continue or not?

20.02.2017, 23:07   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



As I said, cracked Windows. And you were already caught here before with cracked Office. The only help you'll get from me now is with the reinstallation...
