Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Driver Booster unmöglich zu deinstallieren

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.09.2017, 23:24   #1
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Guten Tag erstmal!

So. Da ich mich nun lange genug mit dem Thema gequält habe und einfach keine Lösung finde, wende ich mich nun hier an dieses Forum und hoffe, dass ihr mir helfen könnt. <:

Also. Worum gehts?

Ein Freund hat mir vor längerer Zeit einmal ein Programm namens "Driver Booster" empfohlen. Ich habe dieses Programm nur einmal benutzt, war auch nicht wirklich begeistert davon und seitdem lungert es auf meinem Rechner herum. Heute dachte ich mir, dass ich dies mal ändere. Tcha, so einfach war das allerdings dann doch nicht, wie zuerst gedacht. Das Programm wird in der Systemsteuerung unter "Programme und Funktionen" nicht angezeigt. Im Ordner des Programms gab es eine "unins000.msg"und eine "unins000.dat". Die .exe habe ich dann wenig später auch gefunden. Sie befand sich in Quarantäne meiner Avira Antivir Software. Warum auch immer. Für Hintergrundinfos bin ich da immer dankbar. (:
Führe ich diese .exe aus, passiert absolut gar nichts. Ich finde einfach keine Möglichkeit, dieses Problem zu deinstallieren und weiß echt nicht mehr weiter. Daher bitte ich euch um Hilfe.

Vielen Dank schon mal im Voraus,

SLGHTRRR

Alt 17.09.2017, 01:36   #2
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 17.09.2017, 02:29   #3
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Hey. Vielen Dank für die schnelle Antwort! Hier die gewünschten Logs!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2017
durchgeführt von Andre (Administrator) auf ANDRE-PC (17-09-2017 02:21:19)
Gestartet von C:\Users\Andre\Desktop
Geladene Profile: Andre &  (Verfügbare Profile: Andre)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google, Inc) C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Spotify Ltd) C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() D:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17361016 2016-12-20] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LWS] => D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => D:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe
HKLM-x32\...\Run: [EaseUS Cleanup] => "D:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-08-11]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
BootExecute: autocheck autochk * bootdelete

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{30541F6D-4F58-4531-AED5-F5F482CAC65A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{602B6AA2-CDBC-436A-A711-F2C318EA6F98}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{67952031-F654-4616-9793-086A29AF8A54}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-16] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-16] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default [2017-09-16]
FF Homepage: Mozilla\Firefox\Profiles\red1zlkb.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\red1zlkb.default -> type", 0
FF Extension: (Avira Browserschutz) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\abs@avira.com.xpi [2017-08-14]
FF Extension: (Amazon-Icon) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\amazon-icon@giga.de [2014-10-02] [ist nicht signiert]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\firefox@zenmate.com.xpi [2017-06-08]
FF Extension: (Adblock Plus) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Player Light) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{d96f9f93-cdb4-4421-8d3c-28ad2621d5e9}.xpi [2016-06-10] [ist nicht signiert]
FF Extension: (DownThemAll!) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-04-10]
FF Extension: (Tab Manager Plus) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{f19c43f3-1870-45f7-bf5e-88433934799b}.xpi [2015-12-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=58&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default [2017-09-17]
CHR Extension: (ProxFlow) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-02-19]
CHR Extension: (Google Präsentationen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-23]
CHR Extension: (Google Tabellen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Avira Browserschutz) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (AdBlock) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Amazon) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-11-21]
CHR Extension: (Google Mail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-09-14]
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-14]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Andre\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-10-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-03] (Advanced Micro Devices, Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-31] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-08-15] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-21] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-08-16] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532544 2017-09-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-14] (GOG.com)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; H:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [777512 2017-09-15] (Reto-Moto ApS)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2016-12-20] (Logitech Inc.)
R2 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-24] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-24] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-08-29] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-01-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-04-25] (Advanced Micro Devices)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2017-01-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194912 2017-08-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-08-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33080 2014-10-05] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [227512 2014-10-05] (Dev47Apps)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-23] (REALiX(tm))
S3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [54552 2016-12-20] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-16] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-16] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-16] (Malwarebytes)
R3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [32792 2015-06-30] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [51400 2015-10-27] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-11-05] (The OpenVPN Project)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [231112 2013-01-03] (VIA Technologies, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2017-01-23] (VIA Technologies, Inc.)
S3 ALSysIO; \??\C:\Users\Andre\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
R4 hitmanpro37; \??\C:\Windows\system32\drivers\hitmanpro37.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-17 02:21 - 2017-09-17 02:22 - 000052545 _____ C:\Users\Andre\Desktop\FRST.txt
2017-09-17 02:21 - 2017-09-17 02:21 - 000000000 ____D C:\FRST
2017-09-17 02:19 - 2017-09-17 02:19 - 002398720 _____ (Farbar) C:\Users\Andre\Desktop\FRST64.exe
2017-09-16 22:44 - 2017-09-16 22:44 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-09-16 22:44 - 2017-09-16 22:44 - 000000226 _____ C:\Windows\system32\bootdelete.lst
2017-09-16 22:35 - 2017-09-16 22:45 - 000000000 ____D C:\ProgramData\HitmanPro
2017-09-16 22:34 - 2017-09-16 22:34 - 011584088 _____ (SurfRight B.V.) C:\Users\Andre\Desktop\hitmanpro_x64.exe
2017-09-16 20:21 - 2017-09-16 23:45 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-16 20:21 - 2017-09-16 20:39 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-16 20:21 - 2017-09-16 20:38 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-16 20:21 - 2017-09-16 20:38 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-16 20:21 - 2017-09-16 20:21 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-16 20:21 - 2017-09-16 20:21 - 000000939 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-16 20:21 - 2017-09-16 20:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-16 20:21 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-16 20:20 - 2017-09-16 20:20 - 068408664 _____ (Malwarebytes ) C:\Users\Andre\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-16 19:47 - 2017-09-16 19:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-09-14 00:30 - 2017-09-14 00:31 - 000000000 ____D C:\Users\Andre\Desktop\arkark
2017-09-13 06:22 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 06:22 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 06:22 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 06:22 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-13 06:22 - 2017-08-16 16:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 06:22 - 2017-08-16 03:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 06:22 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 06:22 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 06:22 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 06:22 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 06:22 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 06:22 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 06:22 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-13 06:22 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 06:22 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 06:22 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-13 06:22 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 06:22 - 2017-08-13 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 06:22 - 2017-08-13 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 06:22 - 2017-08-13 19:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 06:22 - 2017-08-13 19:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 06:22 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 06:22 - 2017-08-13 18:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 06:22 - 2017-08-13 18:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 06:22 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 06:22 - 2017-08-13 18:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 06:22 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 06:22 - 2017-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 06:22 - 2017-08-13 18:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 06:22 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 06:22 - 2017-08-13 18:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 06:22 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-13 06:22 - 2017-08-13 18:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 06:22 - 2017-08-13 18:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 06:22 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-13 06:22 - 2017-08-13 18:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 06:22 - 2017-08-13 18:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-13 06:22 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 06:22 - 2017-08-13 18:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 06:22 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 06:22 - 2017-08-13 18:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 06:22 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 06:22 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-09-13 06:22 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-09-13 06:22 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 06:22 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-09-13 06:22 - 2017-08-13 18:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-09-13 06:22 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 06:22 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 06:22 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 06:22 - 2017-08-13 18:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 06:22 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 06:22 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-09-13 06:22 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-09-13 06:22 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-09-13 06:22 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-09-13 06:22 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-09-13 06:22 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 06:22 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-13 06:22 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 06:22 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 06:22 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-09-13 06:22 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 06:22 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 06:22 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 06:22 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 06:22 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-13 06:22 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 06:22 - 2017-08-11 08:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-13 06:22 - 2017-08-11 08:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 06:22 - 2017-08-11 08:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-13 06:22 - 2017-08-11 08:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 06:22 - 2017-08-11 08:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 06:22 - 2017-08-11 08:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-13 06:22 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-13 06:22 - 2017-08-11 08:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 06:22 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 06:22 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 06:22 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 06:22 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-13 06:22 - 2017-08-11 08:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 06:22 - 2017-08-11 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 06:22 - 2017-08-11 08:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 06:22 - 2017-08-11 08:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 06:22 - 2017-08-11 08:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 06:22 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-13 06:22 - 2017-08-11 08:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 06:22 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-13 06:22 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 06:22 - 2017-08-11 08:00 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 06:22 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-09-13 06:22 - 2017-08-11 07:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 06:22 - 2017-08-11 07:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 06:22 - 2017-08-11 07:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 06:22 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 06:22 - 2017-08-11 07:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-09-13 06:22 - 2017-08-11 07:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-09-13 06:22 - 2017-08-11 07:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-09-13 06:22 - 2017-08-11 07:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-09-13 06:22 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-09-13 06:22 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 06:22 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-09 03:23 - 2017-09-09 03:23 - 055163204 _____ C:\Users\Andre\Desktop\Orchid Mantis It Was Gone.mov
2017-09-06 17:40 - 2017-09-06 19:24 - 000000000 ____D C:\Users\Andre\AppData\Local\HyperLightDrifter
2017-08-28 00:04 - 2017-08-28 00:04 - 004282066 _____ C:\Users\Andre\Desktop\wewelsburg.rar
2017-08-28 00:02 - 2017-08-28 00:04 - 000000000 ____D C:\Users\Andre\Desktop\wewelsburg
2017-08-23 21:41 - 2017-08-23 21:41 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-23 21:41 - 2017-08-23 21:41 - 000002188 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-17 02:19 - 2014-09-30 18:13 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Skype
2017-09-17 02:00 - 2014-09-30 18:30 - 000000000 ____D C:\Users\Andre\AppData\Local\Adobe
2017-09-17 00:16 - 2014-09-30 18:10 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-16 22:49 - 2017-01-23 23:19 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Andre)
2017-09-16 20:46 - 2009-07-14 06:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-16 20:46 - 2009-07-14 06:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-16 20:39 - 2015-07-07 23:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-09-16 20:37 - 2014-10-18 19:35 - 000000000 ____D C:\Users\Andre\AppData\Local\LogMeIn Hamachi
2017-09-16 20:35 - 2014-09-26 08:43 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-09-16 20:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-16 20:21 - 2016-07-19 17:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-16 19:54 - 2017-01-23 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-09-16 19:21 - 2014-12-31 02:23 - 000000000 ____D C:\ProgramData\Steam
2017-09-16 17:41 - 2014-10-11 03:39 - 000000000 ____D C:\Users\Andre\AppData\Local\Spotify
2017-09-16 17:33 - 2016-09-30 22:27 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-16 13:28 - 2014-10-11 03:38 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Spotify
2017-09-14 06:01 - 2014-04-03 07:44 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-14 04:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-09-14 03:50 - 2011-04-12 09:43 - 000713634 _____ C:\Windows\system32\perfh007.dat
2017-09-14 03:50 - 2011-04-12 09:43 - 000153750 _____ C:\Windows\system32\perfc007.dat
2017-09-14 03:50 - 2009-07-14 07:13 - 001647328 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-14 03:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-14 03:42 - 2009-07-14 06:45 - 004935296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-14 03:22 - 2014-09-30 19:42 - 000000000 ____D C:\Windows\system32\MRT
2017-09-14 03:13 - 2014-09-30 19:42 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-14 03:05 - 2014-04-03 07:07 - 001620672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-09-09 03:32 - 2014-09-30 21:57 - 000000000 ____D C:\Users\Andre\AppData\Roaming\vlc
2017-09-08 13:12 - 2014-10-01 04:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-31 11:11 - 2014-10-01 04:38 - 000194912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-08-31 11:11 - 2014-10-01 04:38 - 000151128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-08-31 05:40 - 2015-11-05 21:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 20:04 - 2014-09-30 19:24 - 000000000 ____D C:\Users\Andre\AppData\Roaming\TS3Client
2017-08-28 22:43 - 2014-11-21 02:31 - 000002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 19:07 - 2017-04-07 02:05 - 000000000 ____D C:\Users\Andre\AppData\LocalLow\Mozilla
2017-08-23 21:41 - 2014-11-21 02:30 - 000000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-07 03:01 - 2014-10-09 01:13 - 000000296 _____ () C:\Users\Andre\AppData\Roaming\BreakingPoint_Login.ini
2014-10-07 03:02 - 2014-10-08 04:38 - 000001408 _____ () C:\Users\Andre\AppData\Roaming\BreakingPoint_Options.ini
2016-01-06 21:53 - 2016-01-10 00:51 - 000000098 _____ () C:\Users\Andre\AppData\Roaming\LauncherSettings_live.cfg
2016-01-06 21:56 - 2016-01-06 21:56 - 000010495 _____ () C:\Users\Andre\AppData\Roaming\TheHunterSettings_live.bin
2015-10-15 05:50 - 2015-10-15 05:50 - 000003584 _____ () C:\Users\Andre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-14 03:55 - 2017-08-17 23:53 - 000007624 _____ () C:\Users\Andre\AppData\Local\Resmon.ResmonCfg
2014-10-05 23:37 - 2014-10-05 23:42 - 000000017 _____ () C:\ProgramData\droidcam-settings

Einige Dateien in TEMP:
====================
2014-10-01 04:39 - 2014-10-01 04:39 - 000000000 ____D () C:\Users\Andre\AppData\Local\Temp\avgnt.exe
2017-05-24 23:56 - 2017-05-24 23:56 - 000008720 _____ () C:\Users\Andre\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-05-12 13:49 - 2017-05-12 13:49 - 019673080 _____ (Rockstar Games.) C:\Users\Andre\AppData\Local\Temp\GTA_V_Launcher_1_0_1011_1.exe
2017-08-24 03:08 - 2017-08-24 03:08 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Andre\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-10 04:41

==================== Ende von FRST.txt ============================
         
__________________

Alt 17.09.2017, 02:30   #4
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2017
durchgeführt von Andre (17-09-2017 02:22:41)
Gestartet von C:\Users\Andre\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-30 16:04:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-146311287-3911743294-2340431242-500 - Administrator - Disabled)
Andre (S-1-5-21-146311287-3911743294-2340431242-1000 - Administrator - Enabled) => C:\Users\Andre
Gast (S-1-5-21-146311287-3911743294-2340431242-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-146311287-3911743294-2340431242-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.3.121 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.1 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AunPlayer version 1.1.0.990 (HKLM-x32\...\{83AF2B1C-3F1C-4dc6-8237-5B400AAEB58B}_is1) (Version:  - )
Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Axiom Verge (HKLM\...\Steam App 332200) (Version:  - Thomas Happ Games LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Black ICE 6.21r2945 (HKLM-x32\...\{015E0577-7D4A-456C-A435-DD9EE7E72589}_is1) (Version: 6.21r2945 - Panzeroo, Inc.)
Blitzkrieg Mod MapPack version 4.8.6.0 (HKLM-x32\...\{46640F05-317B-44BA-B234-2382B39E3181}_is1) (Version: 4.8.6.0 - Blitzkrieg Mod Team)
Blitzkrieg Mod version 4.9.5 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.9.5 - Blitzkrieg Mod Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
DEADBOLT (HKLM\...\Steam App 394970) (Version:  - Hopoo Games, LLC)
Dear Esther (HKLM\...\Steam App 203810) (Version:  - The Chinese Room)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Discord) (Version: 0.0.298 - Discord Inc.)
Drawful 2 (HKLM-x32\...\7c165bbd-272d-47bd-b387-25ebca8ea6b1) (Version:  - JBCZN)
Dropsy (HKLM\...\Steam App 274350) (Version:  - Tendershoot)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 Multiplayer 0.1.1 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.1 R2 Alpha - ETS2MP Team)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Far Cry 4 Update v1.6 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hacknet (HKLM\...\Steam App 365450) (Version:  - Team Fractal Alligator)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version:  - Ninja Theory)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number Digital Comic (HKLM-x32\...\Steam App 341190) (Version:  - Dennaton Games)
Hyper Light Drifter (HKLM\...\Steam App 257850) (Version:  - Heart Machine)
IL-2 Sturmovik Battle of Stalingrad (HKLM-x32\...\{66F649A9-0FA2-487E-BC0D-894BD7E89D5E}_is1) (Version:  - 1C Game Studios)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Killer is Dead (HKLM\...\Steam App 261110) (Version:  - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Leawo Blu-ray Player version  1.9.2.3 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.2.3 - leawo Software)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.90 (HKLM\...\Logitech Gaming Software) (Version: 8.90.117 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Men of War: Assault Squad 2 (HKLM\...\Steam App 244450) (Version:  - Digitalmindsoft)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
My Music Recognition (HKLM-x32\...\0FAC4B06-C222-4BE6-9118-1D893C4B05AD) (Version: 2.4 - Amir Hammoutene)
Net4Players Launcher Version 0.1 (HKLM-x32\...\{686082EC-BFF8-4C79-AA64-372A05B0662F}_is1) (Version: 0.1 - Net4Players Gaming Organization)
NO THING (HKLM\...\Steam App 444800) (Version:  - Evil Indie Games)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
One Finger Death Punch (HKLM\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.7.0.10 - OpenVPN Technologies)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Psychonauts (HKLM\...\Steam App 3830) (Version:  - Double Fine Productions)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Silence of the Sleep (HKLM\...\Steam App 321870) (Version:  - Jesse Makkonen)
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Squad (HKLM\...\Steam App 393380) (Version:  - Offworld Industries)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Division: Normandy 44 (HKLM\...\Steam App 572410) (Version:  - Eugen Systems)
SteelSeries Engine 3.4.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.4.1 - SteelSeries ApS)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
System Requirements Lab Detection (HKLM-x32\...\{DE556483-4317-4911-A6F3-E78356331AA4}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Cat Lady (HKLM-x32\...\Steam App 253110) (Version:  - Harvester Games)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
The Swapper (HKLM\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
To the Moon (HKLM\...\Steam App 206440) (Version:  - Freebird Games)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Undertale (HKLM\...\Steam App 391540) (Version:  - tobyfox)
Updated Unofficial Fallout 3 Patch v1.9.3 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.9.3 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VA-11 Hall-A: Cyberpunk Bartender Action (HKLM\...\Steam App 447530) (Version:  - Sukeban Games)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Virtual Audio Capture Grabber uninstall (HKLM-x32\...\Virtual Audio Capture Grabber_is1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
XMedia Recode Version 3.2.3.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.3.2 - XMedia Recode)
Zup! 3 (HKLM\...\Steam App 575640) (Version:  - Quiet River)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-31] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-31] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {37C92B9C-7050-4BCC-BEFF-42366A1D8290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {44F947AF-6C6F-40B6-8D70-50B6A90419EF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {4C52219A-F5A3-407E-BF20-17B34CBA2748} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {4DBD9F13-52D7-4746-B4DD-62BAFACEFA71} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Scheduler.exe [2016-12-14] (IObit)
Task: {7846AB11-491D-4843-A62D-D6DEBBBFE5F1} - System32\Tasks\{BEE8BF74-DE32-44F8-984E-D829394C7E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\Andre\Downloads\pb38setup\pbsetup.exe -d C:\Users\Andre\Downloads\pb38setup
Task: {A664BC33-2A7F-4955-A7BF-E2288D197479} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-146311287-3911743294-2340431242-1000UA => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {D86B455E-169C-4071-A1D6-63FBA56BCA22} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB293ECB-C4B0-4BC4-BF78-ED87BE26D3F8} - System32\Tasks\{531F376E-28BF-41B1-872D-3E0BB69C2575} => C:\Windows\system32\pcalua.exe -a D:\DL\jxpiinstall(1).exe -d D:\DL
Task: {E15754E0-44E4-47D0-87F7-8620E856EBDB} - System32\Tasks\{DAA06107-9AD1-4820-A0B4-BDF4AD8EB1DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.5.64.102/de/go/help.faq.installer?LastError=1601
Task: {EC01BBD5-3ADD-441C-91AC-5EA7F14F87EB} - System32\Tasks\Driver Booster SkipUAC (Andre) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {EC626A2E-84CC-409C-BA80-7FD3FF5D82C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-146311287-3911743294-2340431242-1000Core => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {FA7B315E-99AA-413E-B57B-1AA8DC312F3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FAA109F0-CADE-49C3-8542-D19ECAFE10DB} - System32\Tasks\AdobeAAMUpdater-1.0-Andre-PC-Andre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-03 18:12 - 2015-11-03 18:12 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-06-13 14:17 - 2015-06-13 14:17 - 000803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-18 04:47 - 2015-04-19 03:54 - 005886784 _____ () C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-08-29 19:31 - 2016-08-29 19:31 - 000949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2014-10-01 04:58 - 2016-02-12 02:31 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-09-16 20:21 - 2017-08-24 11:27 - 002264528 _____ () D:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-06-13 14:16 - 2015-06-13 14:16 - 031404192 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-08-28 22:43 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 22:43 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2016-04-09 00:35 - 2016-04-09 00:35 - 003481600 _____ () C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2015-09-05 03:42 - 2015-09-05 03:42 - 000137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-09 22:36 - 2015-06-09 22:36 - 036732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2015-12-23 17:31 - 2017-04-25 03:36 - 000356744 _____ () C:\Windows\SysWOW64\GameManager32.dll
2014-09-30 18:11 - 2017-09-09 21:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-28 00:11 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-28 00:11 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-28 00:11 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-30 18:11 - 2017-09-16 01:51 - 002544416 _____ () C:\Program Files (x86)\Steam\video.dll
2014-09-30 18:11 - 2016-01-27 09:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-30 18:11 - 2016-01-27 09:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-30 18:11 - 2016-01-27 09:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-30 18:11 - 2016-01-27 09:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-30 18:11 - 2016-01-27 09:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-09-30 18:11 - 2017-09-16 01:51 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-02-19 06:40 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-11-05 15:06 - 2017-08-17 00:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 16:30 - 2017-09-07 04:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2014-12-28 00:11 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-11-05 15:06 - 2017-08-17 00:28 - 002968864 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libglesv2.dll
2016-11-05 15:06 - 2017-08-17 00:28 - 000086304 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libegl.dll
2017-05-31 11:41 - 2017-05-31 11:41 - 001982976 ____R () C:\Program Files (x86)\skype\phone\skypert.dll
2014-05-24 07:44 - 2014-05-24 07:44 - 000151552 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2014-05-23 06:56 - 2014-05-23 06:56 - 000077824 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2014-05-25 20:55 - 2014-05-25 20:55 - 000086016 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2016-08-12 11:35 - 2016-08-12 11:35 - 040523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Andre:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C2FAC69C-40FC-4E56-93E2-4ECB1D8D999F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B76BED3-8BAF-4B4A-91F8-D355859857EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9E19944B-760C-48A2-8275-389B95A43D57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF6E4CEB-46FF-40E2-8F4A-E7305599F612}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{94DC5D9D-6C4C-4E79-BE41-7638F6906BA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2057AC8-2A64-4E1C-89D6-3CDDA7561A3A}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{BEFC7A58-862E-4060-801B-DB4F874B842B}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{34AE263B-26B7-450F-96EB-80FF0CEA25A7}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [UDP Query User{3DE1FA43-E972-4FC1-AA01-377E77800CE4}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [{16EB805B-0BC6-4D21-A45A-FCB5D9483D1C}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A7FBE293-5D3F-4D11-99AF-1F23AE04EE48}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E0EE4911-7A41-4CF0-B00A-1BAC6F4C90A7}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{6165FEC5-A0D8-465E-8CFC-C90A2A48F9C6}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [TCP Query User{725D5B2B-3B88-4421-B21F-8C9AD6DECAE8}D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{2371A017-41F8-47B1-BCED-F4E96F3F7C4C}D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [{AB97D161-DDDC-4998-94F6-5C59217FDC81}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{AAE2E4EA-7C9E-4F11-9847-2295739CCB07}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{CB572621-A223-41B0-B60D-7CF4FFE9F2AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8EE3F803-3C56-49F0-8BF3-C227A56F41A0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{E5B89517-EBBF-4E84-BA47-550E9BF21D36}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CBBA3F09-0F37-46B0-AD9D-CBF091B695BB}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BEF0C3DC-3F5A-4CFF-897F-C3C4B18CAEE6}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E6D01DCC-6C93-408E-9E33-DFFE68E5B022}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{96110CDB-4F15-483A-A8AA-F3492C0E5871}C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe] => (Allow) C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe
FirewallRules: [UDP Query User{B2AACA04-7619-4F2F-8125-1276A2531B28}C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe] => (Allow) C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe
FirewallRules: [TCP Query User{8DEB902C-52FA-446C-8EED-4542925406EF}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A9B06A69-E59D-4DEC-8181-B2C41693314F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{3AF0CAFF-8724-4D20-8A86-4282769F2186}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D9F879F0-BE98-4B1B-9887-226E43374A6F}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{3651962B-0645-4E7E-9011-29495147780D}F:\far cry 4\bin\farcry4.exe] => (Block) F:\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{7DDDDA87-A348-4848-9E1E-7BE5E459D963}F:\far cry 4\bin\farcry4.exe] => (Block) F:\far cry 4\bin\farcry4.exe
FirewallRules: [{21194D24-FCF1-4AFD-B967-20138FED04C1}] => (Allow) D:\SteamLibrary\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{72DD1A2A-AE4D-48F2-8630-5A8D2A250F3D}] => (Allow) D:\SteamLibrary\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{91E7DC56-0E45-4ED5-B48D-F8AFA89850BB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FECA188C-812D-4BDB-9E9F-ACC337BE2D62}] => (Allow) LPort=2869
FirewallRules: [{4638ED2E-0579-42FE-B371-69A7134CC7A1}] => (Allow) LPort=1900
FirewallRules: [{42368F2B-023F-499B-B74E-8534EB7BCD29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{30563856-A6EB-4186-AE11-954E10C9A273}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{76E5C045-F125-4430-B350-3593E9DA9CD7}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{6CCB1678-A033-4ADE-8F1E-97A8213DC179}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{9EC48815-A646-4D70-B559-37742A9981DC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C7108AF7-21C5-4310-B77D-0901D7495788}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{3BC1A4E2-9B75-449D-A8D0-126A2A70CCBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{978618C8-6C7E-494C-B5B3-CB9A0DD17FE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C09DA19-993A-4D7A-A60F-27B495178299}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56DA53F8-872E-43B8-AA66-22A261E98E7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4A4E1DB-9225-4485-B1DB-B0EC10E4D5F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{6362C7DC-6B56-4D18-8F7D-E43F9497D0AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{4A179002-7F1C-4773-B9FE-2BA7FACA3676}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{14CF6587-3130-4374-9F2E-02A2929B612C}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{75F41A19-F0E8-4DAE-A955-24CEE0B30BD5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{51F17CDF-FCEB-4FC0-A893-9A875581C7FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{4C449F94-9CC3-4D9A-85BF-403BCE68EAF1}] => (Allow) D:\SteamLibrary\SteamApps\common\TheCatLady\TheCatLady.exe
FirewallRules: [{EFB77C54-0138-4377-A629-5989E1D55771}] => (Allow) D:\SteamLibrary\SteamApps\common\TheCatLady\TheCatLady.exe
FirewallRules: [{8BA409E6-B78A-483E-814E-3263A5D9DF6A}] => (Allow) D:\SteamLibrary\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{1E914A06-BCEF-4DA4-B605-D1C320AFA797}] => (Allow) D:\SteamLibrary\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{6AAD9491-A2CE-4141-A305-573938FB5AD2}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{CAAA22D6-B84A-434D-8078-7C1AEAD0E39D}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{7C8D008C-FE61-4F33-B33F-5FCD738EECB5}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{F19CEFD5-44DC-44BC-9AAD-716719BDEBA1}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C984F5F6-C71D-4A89-A6DC-062AED429199}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A801B756-814D-48BB-AE16-DFF19E4074E3}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{6479B97B-DC03-4EEE-B717-B4342A17E326}D:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{1F5F1622-B813-4A31-9F50-53EF8F04A297}D:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{8E90806F-0AF6-49B1-8E78-1AB9163C6B41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7CE23BAE-6482-48D4-9042-725B9A00B941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{70A00908-A1BC-4193-8910-CB9D7EA415C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5A89FEC4-D232-4193-AF6B-B435A489F1EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6B365EAC-FD4E-446F-9E93-C224FCF44517}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{15F7A1F8-ADA2-4954-8D2A-1C2E5736C2BB}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{10752EEC-0D84-4D67-B34B-3B6243C38837}F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{32ED971F-AA35-4B77-8EDF-DFE28D7DE2DF}F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{2B80EDBC-4180-4162-826C-87D559CD97C6}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{5AD9B50D-79FF-4F6D-93A0-4C9F355FA8DD}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A58C75FD-857D-4F33-9AA1-C9E33211DB3E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{25AAA633-D28E-4E85-9C68-6444795DC988}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{7F5AA872-626B-465F-9C9C-96B1C8E1FC84}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{9F40FF65-A072-4E1B-9BF0-F5AB3A987644}] => (Allow) D:\SteamLibrary\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{65AC17C5-6E5E-405D-A644-B25E886BB183}] => (Allow) D:\SteamLibrary\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [TCP Query User{D01E2CC0-FDC7-4B00-88B3-5F0A2D965C43}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1EB63D1F-B35C-4CF9-9413-A97AA8A19CB1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{4A103B1D-61E6-4FEA-AF16-EF936ADE5BF9}] => (Allow) D:\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{B7CE41DF-91CE-46FA-B001-12284BC583F9}] => (Allow) D:\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{938C600D-CB4B-48F1-87B3-F890F28F4C5A}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{C772A154-D985-4D6D-850E-7036D8CD9008}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{AE7FA736-A286-4822-A1B7-D728D7BF7B95}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{66C02627-B77F-419A-B531-116440ADE725}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{58CA2678-589E-42C7-86EB-80CF7AA3BD19}] => (Block) D:\Program Files (x86)\Jotun\Jotun.exe
FirewallRules: [{BD0EBF8E-E786-48B7-BEC0-608CF02224C0}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{0204B525-3889-4C4F-9742-21226A07A119}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{4401F80D-C72D-4A13-BF0B-DA30145C36DB}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{BA1DCEA8-22DB-4626-8F78-93650649BD70}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{4B290E05-A129-408C-94D6-9B2AF1A2031A}] => (Allow) D:\SteamLibrary\SteamApps\common\Bloodbath Kavkaz\nw.exe
FirewallRules: [{F3F59DF7-5669-45F3-A2A5-3042127AE3F4}] => (Allow) D:\SteamLibrary\SteamApps\common\Bloodbath Kavkaz\nw.exe
FirewallRules: [{B35B066E-248A-48DE-9423-823A78D25016}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AF88C2E0-DF57-4177-992C-A042C35A75F6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F84512FD-535C-41EC-9185-5C376CBB286C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7CF7589E-A590-4E8F-AE67-0FAEB8A3FEB7}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8C1E29F6-D81F-4FA8-9E94-9AE0806DCB60}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{82C6DD6C-47C7-4309-B5B5-33421D476477}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{1CF227C4-27C6-43E7-8E09-0C200889003B}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{57F6379C-6FA2-4AC2-A82F-4568A0ECE28B}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{180A84F7-EB5D-41D9-8AA9-10D25700DA21}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{38235B5B-957E-4B11-B4E2-5292E03165F0}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{934688D1-3D32-4125-B0FE-B223F6A59AA1}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{914092BA-7FD7-4129-AABA-EBA0849D0E5A}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{2CE2BCBE-9376-45A5-A8F5-2584BD600F63}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{40CB3B41-298A-4861-8C94-486386B0C53F}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{7551BAFF-BA18-470C-AE77-75D82C9D7F82}] => (Allow) D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{DFB2A976-221F-4EF0-8F3B-9EC57CBAA20D}] => (Allow) D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [TCP Query User{8CC73C3D-E5AF-4DEC-BFE0-71E4C017DCEA}D:\program files (x86)\firewatch\firewatch.exe] => (Block) D:\program files (x86)\firewatch\firewatch.exe
FirewallRules: [UDP Query User{65E73BAA-3B1A-4773-8494-9FC6FD457D12}D:\program files (x86)\firewatch\firewatch.exe] => (Block) D:\program files (x86)\firewatch\firewatch.exe
FirewallRules: [{A4A2F85A-D231-426F-B4A2-62CE1D1EC52E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FFD537F4-36F1-455A-BFE3-2CE654363B0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9D849522-5371-42B7-A197-C2084586B5D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{45B5B145-83AE-4998-88BB-9F00516FBF7D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4CD88895-F298-40DF-9A40-8C5BD3D4AAC3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7887A2A1-7EAF-4B92-AF68-C534908B6067}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{EB1A2B12-7DC5-40DC-91BE-ADA1DC773574}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{83AA159B-D7FC-449F-8114-3A5A843FA495}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{AAAE5867-1B50-4D8C-8EC7-454FE4DF4DE9}D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe
FirewallRules: [UDP Query User{41302F01-F510-4604-AAAC-892CB7AC850D}D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe
FirewallRules: [TCP Query User{AA08C483-A496-4AD6-9834-63B5DF7D8128}D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [UDP Query User{B9909487-5B79-4E3C-AD9B-FC3BCF96F870}D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [{73096A2D-4ECA-40DC-B89A-8041F08298E0}] => (Allow) D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5063C28A-FB06-4C24-A9F2-B330DD2826FE}] => (Allow) D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{10AB8253-BCBC-4A9C-841C-1288157DE997}] => (Allow) D:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{0C862E9B-B166-4981-8473-9499AB457214}] => (Allow) D:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{825C0E61-6A25-4584-80E3-8D9D5833AB8F}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{93DA54F9-100A-4811-902A-6B299DEBAECF}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{B0822B4A-6A4F-4E28-87C5-2BEDD3233D57}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{723407BB-E2BB-4951-9334-6A262E3500E6}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{FD6632AB-4FD7-4F7F-B6EC-2F2C0319498D}] => (Allow) D:\SteamLibrary\SteamApps\common\Dropsy\Dropsy.exe
FirewallRules: [{06D8186D-8E3D-4E1B-A09B-4EEC1B4478CB}] => (Allow) D:\SteamLibrary\SteamApps\common\Dropsy\Dropsy.exe
FirewallRules: [TCP Query User{9FA64384-9CEB-4E02-8293-5CFD47AB97CF}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{18791EE8-738B-4CEB-B57E-EB9841328956}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{ACC7D05C-F1BE-4AA8-9CF9-E481918FD532}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{D53D5250-37F5-42CD-AC15-1547729298D2}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{9D5CDEC9-8E0C-4254-A64F-C3A7F75DDDDB}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CB9FFF4D-5986-4F84-BEAF-90911DC6ABEE}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5914227A-7D4A-4A3D-B063-6836864A18B6}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{52D68170-AAD3-4228-9C2E-79166E5E6EC0}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{7B1D5410-F690-4162-9FA9-1DFDFA2D05BB}] => (Allow) D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{CA985A5F-E419-46B4-B6F4-9FD205495D27}] => (Allow) D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{26CC1832-B374-4FEC-BCF2-F00EE235EB55}] => (Allow) D:\SteamLibrary\SteamApps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{BD3A5BF7-8AE7-47F8-8367-4EB0EEC23A4A}] => (Allow) D:\SteamLibrary\SteamApps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{1CB5E6DA-8303-4A12-BF2A-D6183D74E3DD}] => (Allow) D:\SteamLibrary\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{B224888A-15C7-4CAD-8B15-EA0BA0E91D82}] => (Allow) D:\SteamLibrary\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{87352C7F-5E34-481C-9328-F5BAF67C3FA6}] => (Allow) D:\SteamLibrary\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{BF16C83D-87F4-4E06-9AF1-655E17EB1E27}] => (Allow) D:\SteamLibrary\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{2F88E092-A4CE-4BD0-9EF0-036355FA95E7}] => (Allow) D:\SteamLibrary\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{A9009DF7-2808-4518-93B8-736C80F69C9F}] => (Allow) D:\SteamLibrary\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{0D26C32B-C1E9-4504-9D93-A3BE447DFD2E}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{EDC7CE51-F718-4190-A45B-4D18DE987B58}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{5A4505CE-2E51-498A-BF53-40ED19CC9F0D}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{F455FBBB-52A4-4B07-B36E-FE7BE7410600}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{1901167E-4196-4819-8D2D-C1D659E31A01}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4CE3A17C-127F-4FB4-8290-547A6149081D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9F98F01F-90DE-40DC-8C0C-7C03BA6B2A6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B81AA0D-C902-424D-ADBF-3608A036E3EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{751E1B5C-E143-429D-8D0D-FF26E3022025}D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [UDP Query User{90B74C2A-E390-4161-BB34-EEDA8AB5A721}D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [{0C9EB28D-DD89-4772-8963-11017F9CC5B7}] => (Allow) D:\SteamLibrary\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{A8C2A354-4BC9-4102-895F-1B4E1E9B9BD7}] => (Allow) D:\SteamLibrary\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{8F8C5235-67C9-41B2-9723-E1A23B2564F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oxenfree\Oxenfree.exe
FirewallRules: [{960C036C-3E26-465F-8071-C5A94C9A8438}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oxenfree\Oxenfree.exe
FirewallRules: [{307F21CA-79CA-4B38-B482-6CADD139E679}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{3556F4DE-D930-4535-B498-45DE49D5CF86}] => (Allow) D:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{FA4EE65D-D337-4CFD-A068-39B4F9EAE3CF}] => (Allow) D:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [TCP Query User{1C79F4B3-1FE4-4CCD-8468-1FED4B1291C3}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{3B267D48-F71D-4B67-A300-C0021364D30D}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{91293530-A823-4672-826E-63EF3082181D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8180F50F-1071-4595-A904-E38C5FEFC8B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71B181F5-E1D9-42EB-8A80-27910291979E}] => (Allow) D:\SteamLibrary\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{087F2906-2724-4D77-98E2-0C976A68D994}] => (Allow) D:\SteamLibrary\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{278905C8-27C3-4140-B5B6-3BDA97E4D615}] => (Allow) D:\SteamLibrary\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{FAEF7861-4F41-4D7A-B2C2-5FB50A131FAD}] => (Allow) D:\SteamLibrary\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{E8803789-3176-4C9A-ACC5-B2EAE66DDF4C}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F64A876C-30EE-4514-A23C-40CD7A86750E}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F57A6CD7-DEF4-46B1-9A69-D1A391F8905C}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{EE190FA2-9ED4-4501-BC50-4F8416050FDD}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A9CCCC88-C63B-4C4F-B173-7EC34876D2DE}] => (Allow) D:\SteamLibrary\SteamApps\common\Silence of the Sleep\sots.exe
FirewallRules: [{6194AC7B-5423-454A-8782-E3748BE5ABAF}] => (Allow) D:\SteamLibrary\SteamApps\common\Silence of the Sleep\sots.exe
FirewallRules: [TCP Query User{C417D2F5-D9E0-4A62-85D8-333C05FE99B7}D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{E2B66D78-1886-4389-92D6-7848400F458E}D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{FA96B100-5007-4D27-8559-2C20DDCE4B36}] => (Allow) D:\SteamLibrary\SteamApps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{6909A5B8-89EA-4AED-9B39-762AB5AE107A}] => (Allow) D:\SteamLibrary\SteamApps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{791C38F5-856C-4A8C-8567-4A1AE086CAC6}] => (Allow) D:\SteamLibrary\SteamApps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{E46D7A1F-1D90-47F1-9534-7BCE1074DEE8}] => (Allow) D:\SteamLibrary\SteamApps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{45B633CD-1AFE-49FB-A0E7-7A6CF2029556}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{243C6683-DB7F-4EFF-A19C-CCC9218E417E}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{7299C000-8713-4298-9EAC-EF4C3E794066}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{62AD6B34-C774-4178-B691-F4CA16E8F5D4}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{A97485F1-A9BA-4F33-AB93-160BA3E8D803}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{EFAEA61A-DC82-45C3-901D-847D7D2EEE84}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{2798D427-C876-4A79-90F0-8C30D1CA1A61}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{13DA06C1-8C59-446B-963D-73677F6614BC}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{2D44DDD5-442F-4216-8B22-99CE34A6A389}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{4EC6E39A-60BC-431E-9190-00B5FF4FAD26}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{22E496BB-1D68-476B-8DCF-25AAD871CBD3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{7CAFC905-9292-4259-90B9-8F3EF446C68E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{4276D919-E52F-4CA4-B189-3FC44426AC8C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{72C66339-714D-4FA8-9A58-8E0B7E3D5480}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{2942F653-66C4-43AE-B15C-0DADCAE58A56}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{EF66CE43-17E7-46FC-A01C-E04D6C3B6CE5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{50BC9B87-A4B2-42DA-9368-32481583C9BB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9C7C03DD-D047-41F9-B04A-061D2F770B56}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37F49F6A-5CAD-44F5-9AF7-45E811576717}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1Trial.exe
FirewallRules: [{78BB7A67-475A-4E2C-9981-B339203E9049}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1Trial.exe
FirewallRules: [{21F31D07-1240-4624-BB50-E80D56543D57}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1.exe
FirewallRules: [{C5C61358-F155-4523-87AC-D4512BCA3B73}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1.exe
FirewallRules: [{9CA0FF72-0E91-46EF-BFE6-2C3010BD5B6E}] => (Allow) D:\OriginSpiele\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{831D44F9-A475-48EB-815C-E42778C6B684}] => (Allow) D:\OriginSpiele\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{A2B39FF8-CF8E-49BD-97B5-D9AE83FEE6BA}D:\originspiele\mass effect 2\binaries\me2game.exe] => (Allow) D:\originspiele\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{3181E566-00AA-4F6E-9539-5550FD0B3C6F}D:\originspiele\mass effect 2\binaries\me2game.exe] => (Allow) D:\originspiele\mass effect 2\binaries\me2game.exe
FirewallRules: [{E77E10D0-9E2B-4F19-B99E-D5A561E53363}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8CDED4C9-8F44-4CE9-948D-F1BC2BA1A499}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C08C6A8B-3F59-4BA2-8B9D-26506722E8CF}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{B6A4E769-8E69-4A7C-BD78-984632BF5C24}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{7433F307-F861-4F75-9524-C44D3F411252}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{C316829C-1610-48E8-BE9E-498F18B8CEAE}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{78AA8B2C-04A9-433F-AFBF-BE4C1E3461F1}] => (Allow) D:\SteamLibrary\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{70654E9C-D1FB-4131-8802-46CB15B38324}] => (Allow) D:\SteamLibrary\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [TCP Query User{ABF5B990-E6B0-4BBE-BBCA-7ADCB49D41F7}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [UDP Query User{D23E8369-5B32-4891-A493-2F9FBAC2276A}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [TCP Query User{8F9542E3-4424-4DAD-BE55-89E7DCAF2120}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [UDP Query User{A6C55AE4-7252-4F50-8EE5-D41D5C5EB259}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [{E6789A0A-A36F-4B83-B68F-28CD487FC1DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5493D350-DA78-47BF-ACE8-BFCABAA99A3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D79F1DAD-F92E-494C-B19D-F20D246B0844}] => (Allow) H:\tether\win32\node.exe
FirewallRules: [{EB83BD11-723D-44F3-A14F-BCEF89188227}] => (Allow) H:\tether\win32\node.exe
FirewallRules: [{F1B5FF84-3C17-4B5C-93CD-5126477CDAAF}] => (Allow) H:\GTAV\GTA5.exe
FirewallRules: [{B707F6A3-172E-4655-A4C9-BF5F18434D31}] => (Allow) H:\GTAV\GTA5.exe
FirewallRules: [TCP Query User{C695F77D-62AB-450A-A6B1-96D9F1568DD7}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{3E79334F-56BA-4B54-AE26-7D36E9DD31AB}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [{234842A4-3D8E-4AF0-B047-A2C0068962D1}] => (Allow) H:\Steam\steamapps\common\Steel Division\SteelDivision.exe
FirewallRules: [{2C4C4D12-AFAD-4082-A07A-B56935C1C419}] => (Allow) H:\Steam\steamapps\common\Steel Division\SteelDivision.exe
FirewallRules: [{29D71D6F-F861-438C-9F3E-AC71627DE80E}] => (Allow) H:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{608EA6E9-E480-4B61-9137-990A900E0151}] => (Allow) H:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{8748D21A-868D-4D72-A90D-64E89DCD1476}] => (Allow) H:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31BD2A9F-8036-4026-BF67-43F78E98BCD7}] => (Allow) H:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{1C521185-0A9D-41BD-9057-84139ED0D8E1}H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{BC1FEB08-ACFC-41B5-B154-D92E5458D7B7}H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D4F5E943-CEF1-471A-A19A-1AE9E6B29910}] => (Allow) H:\Steam\steamapps\common\NO THING\no_thing.exe
FirewallRules: [{B59D1587-E45D-45B4-8CC9-4E401EB96A10}] => (Allow) H:\Steam\steamapps\common\NO THING\no_thing.exe
FirewallRules: [{F2D1BED8-1670-4147-A9AA-9C6FE42D9CB6}] => (Allow) H:\Steam\steamapps\common\The Swapper\TheSwapper.exe
FirewallRules: [{E60CCDD6-BF4D-4E80-B408-4A018186A0E9}] => (Allow) H:\Steam\steamapps\common\The Swapper\TheSwapper.exe
FirewallRules: [{E0A2E103-3A59-4154-91FB-EB19952FB50C}] => (Allow) H:\Steam\steamapps\common\Zup! 3\Zup! 3.exe
FirewallRules: [{0256113E-4A5A-4078-8C9E-05506350CCC6}] => (Allow) H:\Steam\steamapps\common\Zup! 3\Zup! 3.exe
FirewallRules: [{EA302952-0AF7-42FC-A645-AA4B2BECA4A4}] => (Allow) H:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{A9F1DC4D-B3CD-477E-8A04-4119721EA15F}] => (Allow) H:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{ACEFDB44-BB7D-43FA-8D3D-E5F46AE49282}] => (Allow) H:\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E0F21174-917E-4130-AC86-CB9F52C19B93}] => (Allow) H:\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{3F66DB11-50DC-4CE8-BC7C-11ACC552857F}] => (Allow) H:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{015F9A22-4424-4421-A9BF-A6F5C8C72BB4}] => (Allow) H:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{60155F17-FFD3-4FDE-AA7B-A628E70CDF3C}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{7079F4B3-7CA7-49B3-BF3E-865D9C6059EE}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{83164A87-72A8-4A0F-A77C-D5749064F15D}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{360C1853-25B1-4ABC-B1D1-88EBD1355DF3}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{0E555580-47B3-48F4-855C-F9495847153A}] => (Allow) H:\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{B5CFB90D-34AC-4564-9757-8F92E80B9E85}] => (Allow) H:\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{7BD979D4-EA12-434C-8958-E40EF46D0921}] => (Allow) H:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{8D8BEFD0-C035-4428-ABAE-B9C7EA526294}] => (Allow) H:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{989AECB0-300E-4914-A5A7-B57769B424AD}H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{ED538195-C0DC-4D74-BF09-2A4AAB6F4243}H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{01526803-2AF0-483A-B0F6-CF984B632628}] => (Allow) H:\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{D169830F-0506-4955-B543-648717040D12}] => (Allow) H:\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [TCP Query User{99115819-BDD9-4D54-A9EA-371D27479702}H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{44C2E0C1-987B-4456-BCCB-A7E1C38B8E12}H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{018A806C-C04C-46B6-94E3-37DB6C360B7D}] => (Allow) D:\SteamLibrary\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{1FFD48BF-137B-4FF2-973A-EA7F23F50077}] => (Allow) D:\SteamLibrary\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{5360C832-B2B3-4249-BAAA-7D76E3EEE8D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8065A110-DE18-474D-886B-22912871C3C0}] => (Allow) H:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5BF3E37D-77BC-4401-B65C-7C2CBA70B1CC}] => (Allow) H:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{2CC49BCA-F64F-488B-9F28-32F861D88E37}] => (Allow) H:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{B037865A-F8EE-44E8-BA79-B5114399566B}] => (Allow) H:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{97F3B2F4-DC55-4392-88BF-3400B0EF8285}] => (Allow) H:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{747B6E09-CEB1-4360-826D-566F515EFC67}] => (Allow) H:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{549BF1B5-7869-40D2-8DD6-5CFE42F325C9}] => (Allow) H:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{830390BA-0228-48E0-8A62-818B4C46D29B}] => (Allow) H:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe

==================== Wiederherstellungspunkte =========================

Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: DroidCam Source 3
Description: DroidCam Source 3
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Dev47Apps.com
Service: DroidCamVideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: DroidCam Virtual Audio
Description: DroidCam Virtual Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Dev47Apps.com
Service: DroidCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002f0,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000003DBF100.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000006e4,(null),0,REG_BINARY,000000000177E320.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {2eae57c7-b8f4-4bfe-9032-28e5abedb724}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000200,(null),0,REG_BINARY,0000000001B9E8F0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {efb0667d-959a-4296-b0b2-03ad1ece4a50}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000b48,(null),0,REG_BINARY,00000000089BDFE0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {018d5366-c33f-41bf-b392-c5a049b90db6}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001c4,(null),0,REG_BINARY,0000000002AEEEE0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {a4b598a0-6fb5-49e5-9541-e8cf666399de}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001d0,(null),0,REG_BINARY,0000000002A4F510.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Generatorname: COM+ REGDB Writer
   Generatorinstanz-ID: {209e4487-383d-40b0-8b49-a2970e31f2fa}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000006e4,(null),0,REG_BINARY,000000000177E320.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {2eae57c7-b8f4-4bfe-9032-28e5abedb724}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000200,(null),0,REG_BINARY,0000000001B9E8F0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {efb0667d-959a-4296-b0b2-03ad1ece4a50}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000b48,(null),0,REG_BINARY,00000000089BDFE0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Generatorname: MSSearch Service Writer
   Generatorinstanz-ID: {018d5366-c33f-41bf-b392-c5a049b90db6}

Error: (09/16/2017 10:44:41 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001c4,(null),0,REG_BINARY,0000000002AEEEE0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.


Vorgang:
   BackupShutdown-Ereignis

Kontext:
   Ausführungskontext: Writer
   Generatorklassen-ID: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Generatorname: Registry Writer
   Generatorinstanz-ID: {a4b598a0-6fb5-49e5-9541-e8cf666399de}


Systemfehler:
=============
Error: (09/17/2017 12:16:18 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Description" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/17/2017 12:16:18 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/16/2017 11:45:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/16/2017 11:45:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/16/2017 11:00:20 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/16/2017 11:00:18 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
Zugriff verweigert

Error: (09/16/2017 08:38:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (09/16/2017 08:36:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/16/2017 08:36:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/16/2017 08:36:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.


CodeIntegrity:
===================================
  Date: 2016-01-15 16:55:46.971
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andre\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.927
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andre\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.213
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.167
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 8173.53 MB
Verfügbarer physikalischer RAM: 2289.67 MB
Summe virtueller Speicher: 16345.24 MB
Verfügbarer virtueller Speicher: 9082.62 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:19.54 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:496.68 GB) NTFS
Drive h: (Volume) (Fixed) (Total:931.51 GB) (Free:513.34 GB) NTFS
Drive j: (EXTERN) (Fixed) (Total:931.51 GB) (Free:466.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE4B2957)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 738A5F22)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000D8F54)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 17.09.2017, 03:16   #5
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Starte bitte wieder Malwarebytes Anti-Malware
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 17.09.2017, 12:46   #6
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Also jetzt geht irgendwie gar nix mehr. Ich habe AdwCleaner mit den beschriebenen Optionen scannen lassen und bin dann wie gewünscht auf löschen gegangen. Nach dem Neustart brauchte der PC relativ lange zum Booten und nun geht mein Internet nicht mehr. Das Freigabecenter zeigt keine Verbindungen mehr an. Die Problembehandlung sagt mir, dass die Proxyeinstellungen des Netzwerkes nicht automatisch ermittelt werden konnten. Ich schreibe jetzt vom Smartphone. Bekomme ich das irgendwie wieder rückgängig? Hilfe. D:

EDIT: So, nachdem ich den AdwCleaner daraufhin nochmal ausführte und cleanen ließ, bootete der Rechner wieder normal und das Problem, dass das Internet nicht mehr läuft, ist weg. Seltsam. Vielleicht ist das für dich ja alles ganz schlüssig? Bin halt Laie. Mir fiel auf jeden fall ein Stein vom Herzen. :'D

Also, hier nun die gewünschten Logfiles. Da ich das Ganze ja zwei mal gemacht habe, bekommste auch beide. Die erste ist die, die auch das seltsame Problem mit dem Internet "ausgelöst" hat.

Code:
ATTFilter
# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 17 10:04:21 2017
# Updated on 2017/29/08 by Malwarebytes 
# Database: 09-15-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

PUP.Optional.Legacy, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\foxydeal.sqlite
PUP.Optional.Legacy, C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\invalidprefs.js


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy, Driver Booster Scheduler


***** [ Registry ] *****

PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017204210833\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017205517673\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017210053079\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017211439571\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224623236\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09162017224656211\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09172017023311464\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09172017023311464\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.SupTab, [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID | {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
         
Code:
ATTFilter
# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 17 11:24:45 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Yahoo\SS


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [4104 B] - [2017/9/17 10:5:38]
C:/AdwCleaner/AdwCleaner[S0].txt - [4148 B] - [2017/9/17 10:4:21]
C:/AdwCleaner/AdwCleaner[S1].txt - [1108 B] - [2017/9/17 11:24:19]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########
         
Eventuell kannst du mir ja auch sagen, was das da eben war mit dem Problem des Internets? Erschien mir irgendwie seltsam und scheint ja auch nicht so vorgesehen gewesen zu sein. Ansonsten hättest du mich sicher vorgewarnt. Haha.

Geändert von SLGHTRRR (17.09.2017 um 13:36 Uhr)

Alt 17.09.2017, 14:36   #7
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Haha, also dass der Neustart lange dauert ist normal, das mit dem Internet nicht unbedingt. Aber hat sich ja gut aufgelöst

Mach bitte mit den Schritten weiter
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 18.09.2017, 12:58   #8
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



So. Hier die fehlenden Logs.

Malwarebytes

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 18.09.17
Scan-Zeit: 12:43
Protokolldatei: 391767fa-9c5e-11e7-aba3-00ff88d78c6f.json
Administrator: Ja

-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2829
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Andre-PC\Andre

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 343890
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 8 Min., 8 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
FRST

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017 01
durchgeführt von Andre (Administrator) auf ANDRE-PC (18-09-2017 12:53:12)
Gestartet von C:\Users\Andre\Desktop\trojanboard
Geladene Profile: Andre &  (Verfügbare Profile: Andre)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google, Inc) C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
(Discord Inc.) C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe
(Spotify Ltd) C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(ROCCAT GmbH) D:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Discord Inc.) C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe
() D:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Discord Inc.) C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) D:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17361016 2016-12-20] (Logitech Inc.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [919032 2017-08-31] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LWS] => D:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-08-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ROCCAT Savu Gaming Mouse] => D:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe [872048 2012-09-10] (ROCCAT GmbH)
HKLM-x32\...\Run: [EaseUS EPM tray] => D:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\EpmNews.exe
HKLM-x32\...\Run: [EaseUS Cleanup] => "D:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5885352 2017-06-29] (LogMeIn Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [Amazon Music] => C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-19] ()
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [GalaxyClient] => D:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [5161536 2017-09-14] (GOG.com)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 6\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [Google Update] => C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [Google Photos Backup] => C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-09] (Google, Inc)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [Discord] => C:\Users\Andre\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Run: [Spotify Web Helper] => C:\Users\Andre\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1580144 2017-08-11] (Spotify Ltd)
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2016-08-11]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{30541F6D-4F58-4531-AED5-F5F482CAC65A}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{602B6AA2-CDBC-436A-A711-F2C318EA6F98}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{67952031-F654-4616-9793-086A29AF8A54}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-16] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-16] (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF ProfilePath: C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default [2017-09-17]
FF Homepage: Mozilla\Firefox\Profiles\red1zlkb.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\red1zlkb.default -> type", 0
FF Extension: (Avira Browserschutz) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\abs@avira.com.xpi [2017-08-14]
FF Extension: (Amazon-Icon) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\amazon-icon@giga.de [2014-10-02] [ist nicht signiert]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\firefox@zenmate.com.xpi [2017-06-08]
FF Extension: (Adblock Plus) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Tab Player Light) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{d96f9f93-cdb4-4421-8d3c-28ad2621d5e9}.xpi [2016-06-10] [ist nicht signiert]
FF Extension: (DownThemAll!) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-04-10]
FF Extension: (Tab Manager Plus) - C:\Users\Andre\AppData\Roaming\Mozilla\Firefox\Profiles\red1zlkb.default\Extensions\{f19c43f3-1870-45f7-bf5e-88433934799b}.xpi [2015-12-31] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790: @tools.google.com/Google Update;version=3 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790: @tools.google.com/Google Update;version=9 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-12-16] ()

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=58&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default [2017-09-18]
CHR Extension: (ProxFlow) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-02-19]
CHR Extension: (Google Präsentationen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-15]
CHR Extension: (Google Docs) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15]
CHR Extension: (Google Drive) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Adobe Acrobat) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-23]
CHR Extension: (Google Tabellen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-15]
CHR Extension: (Avira Browserschutz) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (AdBlock) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-27]
CHR Extension: (Amazon) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-11-21]
CHR Extension: (Google Mail) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR Extension: (Chrome Media Router) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-10]
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-09-17]
CHR Profile: C:\Users\Andre\AppData\Local\Google\Chrome\User Data\System Profile [2017-09-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Andre\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-10-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-03] (Advanced Micro Devices, Inc.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-04-24] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-08-31] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-08-31] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-08-31] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-08-15] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-06-21] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-08-16] (EasyAntiCheat Ltd)
S3 GalaxyClientService; D:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [532544 2017-09-14] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-14] (GOG.com)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [Datei ist nicht signiert]
S3 HnGSteamService; H:\Steam\steamapps\common\Heroes & Generals\hngservice.exe [777512 2017-09-15] (Reto-Moto ApS)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2016-12-20] (Logitech Inc.)
R2 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-24] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-24] (Electronic Arts)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [949480 2016-08-29] ()
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-10-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-12] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-01-23] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-04-25] (Advanced Micro Devices)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2017-01-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194912 2017-08-31] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-08-31] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33080 2014-10-05] (Dev47Apps)
S3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [227512 2014-10-05] (Dev47Apps)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-23] (REALiX(tm))
S3 ladfGSS; C:\Windows\System32\drivers\ladfGSS.sys [54552 2016-12-20] (Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2016-12-20] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-09-18] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-09-18] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-09-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-18] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-09-18] (Malwarebytes)
R3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2016-06-15] (The OpenVPN Project)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-08] (Razer, Inc.)
R3 ssdevfactory; C:\Windows\System32\DRIVERS\ssdevfactory.sys [32792 2015-06-30] (SteelSeries ApS)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [51400 2015-10-27] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 tap0901_openvpn_accl; C:\Windows\System32\DRIVERS\tap0901_openvpn_accl.sys [37912 2016-11-05] (The OpenVPN Project)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\system32\drivers\ViaHub3.sys [231112 2013-01-03] (VIA Technologies, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2017-01-23] (VIA Technologies, Inc.)
S3 ALSysIO; \??\C:\Users\Andre\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-18 12:52 - 2017-09-18 12:52 - 000001429 _____ C:\Users\Andre\Desktop\mblog.txt
2017-09-18 12:42 - 2017-09-18 12:43 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-09-17 18:04 - 2017-09-17 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order
2017-09-17 12:05 - 2017-09-17 12:05 - 000004148 _____ C:\Users\Andre\Desktop\evtwichtigadwcl.txt
2017-09-17 12:00 - 2017-09-17 13:24 - 000000000 ____D C:\AdwCleaner
2017-09-17 11:59 - 2017-09-18 12:52 - 000000000 ____D C:\Users\Andre\Desktop\trojanboard
2017-09-17 02:21 - 2017-09-18 12:53 - 000000000 ____D C:\FRST
2017-09-16 22:44 - 2017-09-16 22:44 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-09-16 22:35 - 2017-09-17 13:15 - 000000000 ____D C:\ProgramData\HitmanPro
2017-09-16 22:34 - 2017-09-16 22:34 - 011584088 _____ (SurfRight B.V.) C:\Users\Andre\Desktop\hitmanpro_x64.exe
2017-09-16 20:21 - 2017-09-18 12:43 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-16 20:21 - 2017-09-18 12:43 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-09-16 20:21 - 2017-09-18 12:43 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-09-16 20:21 - 2017-09-18 12:42 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-09-16 20:21 - 2017-09-17 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-16 20:21 - 2017-09-16 20:21 - 000000939 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-16 20:21 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-09-16 20:20 - 2017-09-16 20:20 - 068408664 _____ (Malwarebytes ) C:\Users\Andre\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-16 19:47 - 2017-09-17 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-09-14 00:30 - 2017-09-14 00:31 - 000000000 ____D C:\Users\Andre\Desktop\arkark
2017-09-13 06:22 - 2017-08-19 17:28 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 06:22 - 2017-08-19 17:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 06:22 - 2017-08-16 17:29 - 000806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 06:22 - 2017-08-16 17:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-09-13 06:22 - 2017-08-16 16:57 - 003224576 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 06:22 - 2017-08-16 03:10 - 000395976 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 06:22 - 2017-08-16 02:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 06:22 - 2017-08-15 17:29 - 014182400 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 06:22 - 2017-08-15 17:29 - 001867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 06:22 - 2017-08-15 17:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 06:22 - 2017-08-15 17:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-09-13 06:22 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 06:22 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 06:22 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 003203584 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcndmgr.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcbase.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cic.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000131072 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 06:22 - 2017-08-14 19:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmcshext.dll
2017-09-13 06:22 - 2017-08-14 19:34 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 06:22 - 2017-08-13 23:37 - 002144256 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 06:22 - 2017-08-13 23:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mmc.exe
2017-09-13 06:22 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 06:22 - 2017-08-13 19:24 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 06:22 - 2017-08-13 19:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 06:22 - 2017-08-13 19:06 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 06:22 - 2017-08-13 19:05 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 06:22 - 2017-08-13 19:05 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 06:22 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 06:22 - 2017-08-13 18:56 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 06:22 - 2017-08-13 18:55 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 06:22 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 06:22 - 2017-08-13 18:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 06:22 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 06:22 - 2017-08-13 18:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 06:22 - 2017-08-13 18:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 06:22 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 06:22 - 2017-08-13 18:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 06:22 - 2017-08-13 18:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-09-13 06:22 - 2017-08-13 18:41 - 000968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 06:22 - 2017-08-13 18:38 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 06:22 - 2017-08-13 18:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-09-13 06:22 - 2017-08-13 18:29 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 06:22 - 2017-08-13 18:29 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 06:22 - 2017-08-13 18:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-09-13 06:22 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 06:22 - 2017-08-13 18:27 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 06:22 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 06:22 - 2017-08-13 18:24 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 06:22 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 06:22 - 2017-08-13 18:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-09-13 06:22 - 2017-08-13 18:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-09-13 06:22 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 06:22 - 2017-08-13 18:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-09-13 06:22 - 2017-08-13 18:18 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-09-13 06:22 - 2017-08-13 18:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-09-13 06:22 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 06:22 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 06:22 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 06:22 - 2017-08-13 18:02 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 06:22 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 06:22 - 2017-08-13 18:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-09-13 06:22 - 2017-08-13 18:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-09-13 06:22 - 2017-08-13 18:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-09-13 06:22 - 2017-08-13 17:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-09-13 06:22 - 2017-08-13 17:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-09-13 06:22 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 06:22 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-13 06:22 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 06:22 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 06:22 - 2017-08-13 17:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-09-13 06:22 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 06:22 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 06:22 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 06:22 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 06:22 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-13 06:22 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 06:22 - 2017-08-11 08:42 - 000631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-09-13 06:22 - 2017-08-11 08:38 - 005547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 06:22 - 2017-08-11 08:38 - 000706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-09-13 06:22 - 2017-08-11 08:38 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 06:22 - 2017-08-11 08:38 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 06:22 - 2017-08-11 08:36 - 001732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 002065408 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000512000 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000346112 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-09-13 06:22 - 2017-08-11 08:35 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:34 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-09-13 06:22 - 2017-08-11 08:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-09-13 06:22 - 2017-08-11 08:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 06:22 - 2017-08-11 08:20 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 06:22 - 2017-08-11 08:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 06:22 - 2017-08-11 08:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winnsi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nsi.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 08:12 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 06:22 - 2017-08-11 08:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2017-09-13 06:22 - 2017-08-11 08:07 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 06:22 - 2017-08-11 08:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 06:22 - 2017-08-11 08:07 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 06:22 - 2017-08-11 08:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 06:22 - 2017-08-11 08:03 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 06:22 - 2017-08-11 08:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2017-09-13 06:22 - 2017-08-11 08:02 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 06:22 - 2017-08-11 08:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2017-09-13 06:22 - 2017-08-11 08:00 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 06:22 - 2017-08-11 08:00 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 06:22 - 2017-08-11 08:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-09-13 06:22 - 2017-08-11 07:59 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 06:22 - 2017-08-11 07:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 06:22 - 2017-08-11 07:58 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 06:22 - 2017-08-11 07:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 06:22 - 2017-08-11 07:58 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 06:22 - 2017-08-11 07:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-09-13 06:22 - 2017-08-11 07:56 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-09-13 06:22 - 2017-08-11 07:56 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-09-13 06:22 - 2017-08-11 07:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-09-13 06:22 - 2017-08-11 07:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 06:22 - 2017-08-11 07:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-09-13 06:22 - 2017-07-07 17:29 - 001143296 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-09-13 06:22 - 2017-07-07 17:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXPTaskRingtone.dll
2017-09-09 03:23 - 2017-09-09 03:23 - 055163204 _____ C:\Users\Andre\Desktop\Orchid Mantis It Was Gone.mov
2017-09-06 17:40 - 2017-09-06 19:24 - 000000000 ____D C:\Users\Andre\AppData\Local\HyperLightDrifter
2017-08-28 00:04 - 2017-08-28 00:04 - 004282066 _____ C:\Users\Andre\Desktop\wewelsburg.rar
2017-08-28 00:02 - 2017-08-28 00:04 - 000000000 ____D C:\Users\Andre\Desktop\wewelsburg
2017-08-23 21:41 - 2017-08-23 21:41 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-23 21:41 - 2017-08-23 21:41 - 000002188 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-18 12:49 - 2014-09-30 18:13 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Skype
2017-09-18 03:54 - 2009-07-14 06:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-18 03:54 - 2009-07-14 06:45 - 000027936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-18 02:00 - 2014-09-30 18:30 - 000000000 ____D C:\Users\Andre\AppData\Local\Adobe
2017-09-17 13:29 - 2015-07-07 23:31 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-09-17 13:28 - 2014-10-18 19:35 - 000000000 ____D C:\Users\Andre\AppData\Local\LogMeIn Hamachi
2017-09-17 13:25 - 2014-09-26 08:43 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-09-17 13:25 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-17 13:15 - 2017-01-23 23:19 - 000000000 ____D C:\Users\Andre\AppData\LocalLow\IObit
2017-09-17 13:15 - 2014-10-10 05:21 - 000000000 ____D C:\Users\Andre\AppData\Roaming\IrfanView
2017-09-17 13:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2017-09-17 13:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2017-09-17 13:15 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-09-17 12:54 - 2014-09-30 18:04 - 000000000 ____D C:\Users\Andre
2017-09-17 12:53 - 2011-04-12 09:54 - 000000000 ___RD C:\Users\Public\Recorded TV
2017-09-17 12:01 - 2014-09-30 18:10 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-16 22:49 - 2017-01-23 23:19 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Andre)
2017-09-16 20:21 - 2016-07-19 17:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-16 19:54 - 2017-01-23 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2017-09-16 19:21 - 2014-12-31 02:23 - 000000000 ____D C:\ProgramData\Steam
2017-09-16 17:41 - 2014-10-11 03:39 - 000000000 ____D C:\Users\Andre\AppData\Local\Spotify
2017-09-16 17:33 - 2016-09-30 22:27 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-09-16 13:28 - 2014-10-11 03:38 - 000000000 ____D C:\Users\Andre\AppData\Roaming\Spotify
2017-09-14 06:01 - 2014-04-03 07:44 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-14 04:31 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2017-09-14 03:50 - 2011-04-12 09:43 - 000713634 _____ C:\Windows\system32\perfh007.dat
2017-09-14 03:50 - 2011-04-12 09:43 - 000153750 _____ C:\Windows\system32\perfc007.dat
2017-09-14 03:50 - 2009-07-14 07:13 - 001647328 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-14 03:42 - 2009-07-14 06:45 - 004935296 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-14 03:22 - 2014-09-30 19:42 - 000000000 ____D C:\Windows\system32\MRT
2017-09-14 03:13 - 2014-09-30 19:42 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-14 03:05 - 2014-04-03 07:07 - 001620672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-09-09 03:32 - 2014-09-30 21:57 - 000000000 ____D C:\Users\Andre\AppData\Roaming\vlc
2017-09-08 13:12 - 2014-10-01 04:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-08-31 11:11 - 2014-10-01 04:38 - 000194912 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-08-31 11:11 - 2014-10-01 04:38 - 000151128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2017-08-31 05:40 - 2015-11-05 21:09 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 20:04 - 2014-09-30 19:24 - 000000000 ____D C:\Users\Andre\AppData\Roaming\TS3Client
2017-08-28 22:43 - 2014-11-21 02:31 - 000002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-27 19:07 - 2017-04-07 02:05 - 000000000 ____D C:\Users\Andre\AppData\LocalLow\Mozilla
2017-08-23 21:41 - 2014-11-21 02:30 - 000000000 ____D C:\Program Files (x86)\Google

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-07 03:01 - 2014-10-09 01:13 - 000000296 _____ () C:\Users\Andre\AppData\Roaming\BreakingPoint_Login.ini
2014-10-07 03:02 - 2014-10-08 04:38 - 000001408 _____ () C:\Users\Andre\AppData\Roaming\BreakingPoint_Options.ini
2016-01-06 21:53 - 2016-01-10 00:51 - 000000098 _____ () C:\Users\Andre\AppData\Roaming\LauncherSettings_live.cfg
2016-01-06 21:56 - 2016-01-06 21:56 - 000010495 _____ () C:\Users\Andre\AppData\Roaming\TheHunterSettings_live.bin
2015-10-15 05:50 - 2015-10-15 05:50 - 000003584 _____ () C:\Users\Andre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-14 03:55 - 2017-08-17 23:53 - 000007624 _____ () C:\Users\Andre\AppData\Local\Resmon.ResmonCfg
2014-10-05 23:37 - 2014-10-05 23:42 - 000000017 _____ () C:\ProgramData\droidcam-settings

Einige Dateien in TEMP:
====================
2014-10-01 04:39 - 2014-10-01 04:39 - 000000000 ____D () C:\Users\Andre\AppData\Local\Temp\avgnt.exe
2017-05-24 23:56 - 2017-05-24 23:56 - 000008720 _____ () C:\Users\Andre\AppData\Local\Temp\BullseyeCoverage-2-x86.dll
2017-05-12 13:49 - 2017-05-12 13:49 - 019673080 _____ (Rockstar Games.) C:\Users\Andre\AppData\Local\Temp\GTA_V_Launcher_1_0_1011_1.exe
2017-08-24 03:08 - 2017-08-24 03:08 - 058782680 _____ (Skype Technologies S.A.) C:\Users\Andre\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-10 04:41

==================== Ende von FRST.txt ============================
         

Alt 18.09.2017, 12:59   #9
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2017 01
durchgeführt von Andre (18-09-2017 12:54:17)
Gestartet von C:\Users\Andre\Desktop\trojanboard
Windows 7 Home Premium Service Pack 1 (X64) (2014-09-30 16:04:12)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-146311287-3911743294-2340431242-500 - Administrator - Disabled)
Andre (S-1-5-21-146311287-3911743294-2340431242-1000 - Administrator - Enabled) => C:\Users\Andre
Gast (S-1-5-21-146311287-3911743294-2340431242-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-146311287-3911743294-2340431242-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (HKLM\...\{08524C4D-56DD-188E-ECD8-4D3F976AA3CF}) (Version: 2017.0424.2109.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.3.121 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.1 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Amazon Amazon Music) (Version: 3.9.0.795 - Amazon Services LLC)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassins Creed Unity (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRVbml0eQ==_is1) (Version: 1 - )
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
AunPlayer version 1.1.0.990 (HKLM-x32\...\{83AF2B1C-3F1C-4dc6-8237-5B400AAEB58B}_is1) (Version:  - )
Avira (HKLM-x32\...\{4771539a-931b-4378-8d4a-721ba62effca}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C22F76F2-AC9E-44BA-B297-71485F94022F}) (Version: 1.2.95.14694 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.30.29 - Avira Operations GmbH & Co. KG)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Axiom Verge (HKLM\...\Steam App 332200) (Version:  - Thomas Happ Games LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Black ICE 6.21r2945 (HKLM-x32\...\{015E0577-7D4A-456C-A435-DD9EE7E72589}_is1) (Version: 6.21r2945 - Panzeroo, Inc.)
Blitzkrieg Mod MapPack version 4.8.6.0 (HKLM-x32\...\{46640F05-317B-44BA-B234-2382B39E3181}_is1) (Version: 4.8.6.0 - Blitzkrieg Mod Team)
Blitzkrieg Mod version 4.9.5 (HKLM-x32\...\{81EC7B6D-B297-4820-B5BE-5A2373725158}_is1) (Version: 4.9.5 - Blitzkrieg Mod Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CrystalDiskInfo 7.0.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DARK SOULS III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
DEADBOLT (HKLM\...\Steam App 394970) (Version:  - Hopoo Games, LLC)
Dear Esther (HKLM\...\Steam App 203810) (Version:  - The Chinese Room)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
Discord (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Discord) (Version: 0.0.298 - Discord Inc.)
Drawful 2 (HKLM-x32\...\7c165bbd-272d-47bd-b387-25ebca8ea6b1) (Version:  - JBCZN)
Dropsy (HKLM\...\Steam App 274350) (Version:  - Tendershoot)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 Multiplayer 0.1.1 R2 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.1 R2 Alpha - ETS2MP Team)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Far Cry 4 Update v1.6 (HKLM-x32\...\RmFyQ3J5NA==_is1) (Version: 1 - )
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.6.2.2 - FlyVPN)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Photos Backup (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hacknet (HKLM\...\Steam App 365450) (Version:  - Team Fractal Alligator)
Hellblade: Senua's Sacrifice (HKLM\...\Steam App 414340) (Version:  - Ninja Theory)
Heroes & Generals (HKLM\...\Steam App 227940) (Version:  - Reto-Moto)
Hotline Miami (HKLM\...\Steam App 219150) (Version:  - Dennaton Games)
Hotline Miami 2: Wrong Number Digital Comic (HKLM-x32\...\Steam App 341190) (Version:  - Dennaton Games)
Hyper Light Drifter (HKLM\...\Steam App 257850) (Version:  - Heart Machine)
IL-2 Sturmovik Battle of Stalingrad (HKLM-x32\...\{66F649A9-0FA2-487E-BC0D-894BD7E89D5E}_is1) (Version:  - 1C Game Studios)
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kentucky Route Zero (HKLM-x32\...\Steam App 231200) (Version:  - Cardboard Computer)
Killer is Dead (HKLM\...\Steam App 261110) (Version:  - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Leawo Blu-ray Player version  1.9.2.3 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.2.3 - leawo Software)
LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.90 (HKLM\...\Logitech Gaming Software) (Version: 8.90.117 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.2.1604.0 - Electronic Arts)
Men of War: Assault Squad 2 (HKLM\...\Steam App 244450) (Version:  - Digitalmindsoft)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla)
My Music Recognition (HKLM-x32\...\0FAC4B06-C222-4BE6-9118-1D893C4B05AD) (Version: 2.4 - Amir Hammoutene)
Net4Players Launcher Version 0.1 (HKLM-x32\...\{686082EC-BFF8-4C79-AA64-372A05B0662F}_is1) (Version: 0.1 - Net4Players Gaming Organization)
NO THING (HKLM\...\Steam App 444800) (Version:  - Evil Indie Games)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
One Finger Death Punch (HKLM\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.1 - Power Software Ltd)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.7.0.10 - OpenVPN Technologies)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Psychonauts (HKLM\...\Steam App 3830) (Version:  - Double Fine Productions)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6650 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Savu Mouse (HKLM-x32\...\{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}) (Version: 1.1.9 - ROCCAT GmbH)
Silence of the Sleep (HKLM\...\Steam App 321870) (Version:  - Jesse Makkonen)
SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Spotify (HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Squad (HKLM\...\Steam App 393380) (Version:  - Offworld Industries)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steel Division: Normandy 44 (HKLM\...\Steam App 572410) (Version:  - Eugen Systems)
SteelSeries Engine 3.4.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.4.1 - SteelSeries ApS)
Stellaris (HKLM\...\Steam App 281990) (Version:  - Paradox Development Studio)
System Requirements Lab Detection (HKLM-x32\...\{DE556483-4317-4911-A6F3-E78356331AA4}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
The Binding of Isaac: Rebirth (HKLM\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Cat Lady (HKLM-x32\...\Steam App 253110) (Version:  - Harvester Games)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
The Swapper (HKLM\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Blood and Wine (HKLM-x32\...\Blood and Wine_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
To the Moon (HKLM\...\Steam App 206440) (Version:  - Freebird Games)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
Twitch Launcher (HKLM-x32\...\Twitch Launcher 1.0.0) (Version: 1.0.0 - Twitch)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Undertale (HKLM\...\Steam App 391540) (Version:  - tobyfox)
Updated Unofficial Fallout 3 Patch v1.9.3 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 1.9.3 - )
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VA-11 Hall-A: Cyberpunk Bartender Action (HKLM\...\Steam App 447530) (Version:  - Sukeban Games)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Virtual Audio Capture Grabber uninstall (HKLM-x32\...\Virtual Audio Capture Grabber_is1) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
WhoCrashed 5.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wolfenstein The New Order Version 1.0.0.2 (HKLM-x32\...\{1D725EB0-44A5-4149-9CA3-FD68D1E71DB5}_is1) (Version: 1.0.0.2 - Bethesda Softworks)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
XMedia Recode Version 3.2.3.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.3.2 - XMedia Recode)
Zup! 3 (HKLM\...\Steam App 575640) (Version:  - Quiet River)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-146311287-3911743294-2340431242-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andre\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-31] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2014-10-08] (Power Software Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-08-31] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-09-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-09-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {37C92B9C-7050-4BCC-BEFF-42366A1D8290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {44F947AF-6C6F-40B6-8D70-50B6A90419EF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {4C52219A-F5A3-407E-BF20-17B34CBA2748} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {7846AB11-491D-4843-A62D-D6DEBBBFE5F1} - System32\Tasks\{BEE8BF74-DE32-44F8-984E-D829394C7E4F} => C:\Windows\system32\pcalua.exe -a C:\Users\Andre\Downloads\pb38setup\pbsetup.exe -d C:\Users\Andre\Downloads\pb38setup
Task: {A664BC33-2A7F-4955-A7BF-E2288D197479} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-146311287-3911743294-2340431242-1000UA => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {D86B455E-169C-4071-A1D6-63FBA56BCA22} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DB293ECB-C4B0-4BC4-BF78-ED87BE26D3F8} - System32\Tasks\{531F376E-28BF-41B1-872D-3E0BB69C2575} => C:\Windows\system32\pcalua.exe -a D:\DL\jxpiinstall(1).exe -d D:\DL
Task: {E15754E0-44E4-47D0-87F7-8620E856EBDB} - System32\Tasks\{DAA06107-9AD1-4820-A0B4-BDF4AD8EB1DF} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.5.64.102/de/go/help.faq.installer?LastError=1601
Task: {EC01BBD5-3ADD-441C-91AC-5EA7F14F87EB} - System32\Tasks\Driver Booster SkipUAC (Andre) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
Task: {EC626A2E-84CC-409C-BA80-7FD3FF5D82C6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-146311287-3911743294-2340431242-1000Core => C:\Users\Andre\AppData\Local\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {FA7B315E-99AA-413E-B57B-1AA8DC312F3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FAA109F0-CADE-49C3-8542-D19ECAFE10DB} - System32\Tasks\AdobeAAMUpdater-1.0-Andre-PC-Andre => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\Andre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ\icq.com.lnk -> hxxp://www.icq.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-03 18:12 - 2015-11-03 18:12 - 000214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 000817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 003650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-06-13 14:17 - 2015-06-13 14:17 - 000803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-12-20 01:59 - 2016-12-20 01:59 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-18 04:47 - 2015-04-19 03:54 - 005886784 _____ () C:\Users\Andre\AppData\Local\Amazon Music\Amazon Music Helper.exe
2012-09-13 01:38 - 2012-09-13 01:38 - 000264040 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2016-08-29 19:31 - 2016-08-29 19:31 - 000949480 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2014-10-01 04:58 - 2016-02-12 02:31 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-06-13 14:16 - 2015-06-13 14:16 - 031404192 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2017-08-28 22:43 - 2017-08-23 10:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll
2017-08-28 22:43 - 2017-08-23 10:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll
2017-09-16 20:21 - 2017-08-24 11:27 - 002264528 _____ () D:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-04-09 00:35 - 2016-04-09 00:35 - 003481600 _____ () C:\Users\Andre\AppData\Local\Programs\Google\Google Photos Backup\gpuploader_i18n.dll
2017-08-09 03:34 - 2017-08-08 15:13 - 001893880 _____ () C:\Users\Andre\AppData\Local\Discord\app-0.0.298\ffmpeg.dll
2014-05-24 07:44 - 2014-05-24 07:44 - 000151552 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCam.dll
2014-05-23 06:56 - 2014-05-23 06:56 - 000077824 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter.ax
2014-05-25 20:55 - 2014-05-25 20:55 - 000086016 _____ () C:\Program Files (x86)\DroidCam\lib\DroidCamFilter240p.ax
2015-09-05 03:42 - 2015-09-05 03:42 - 000137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-06-09 22:36 - 2015-06-09 22:36 - 036732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-08-09 03:34 - 2017-08-08 15:13 - 001938424 _____ () C:\Users\Andre\AppData\Local\Discord\app-0.0.298\libglesv2.dll
2017-08-09 03:34 - 2017-08-08 15:13 - 000095736 _____ () C:\Users\Andre\AppData\Local\Discord\app-0.0.298\libegl.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 002144104 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 007955304 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000341352 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000028008 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 01:38 - 2012-09-13 01:38 - 000127336 _____ () D:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 01:39 - 2012-09-13 01:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2017-08-09 03:34 - 2017-09-14 06:05 - 009622008 _____ () \\?\C:\Users\Andre\AppData\Roaming\discord\0.0.298\modules\discord_voice\discord_voice.node
2017-08-09 03:34 - 2017-08-09 03:34 - 001440248 _____ () \\?\C:\Users\Andre\AppData\Roaming\discord\0.0.298\modules\discord_utils\discord_utils.node
2017-09-17 13:29 - 2017-09-17 13:29 - 000148992 _____ () \\?\C:\Users\Andre\AppData\Local\Temp\E6D5.tmp.node
2017-08-09 03:34 - 2017-08-09 03:34 - 002658296 _____ () \\?\C:\Users\Andre\AppData\Roaming\discord\0.0.298\modules\discord_rpc\discord_rpc.node
2017-08-09 03:35 - 2017-08-09 03:35 - 002673656 _____ () \\?\C:\Users\Andre\AppData\Roaming\discord\0.0.298\modules\discord_contact_import\discord_contact_import.node
2017-05-31 11:41 - 2017-05-31 11:41 - 001982976 ____R () C:\Program Files (x86)\skype\phone\skypert.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\Temp:$DATA [16]
AlternateDataStreams: C:\Users\Andre:Heroes & Generals [38]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\Control Panel\Desktop\\Wallpaper -> C:\Users\Andre\AppData\Roaming\IrfanView\IrfanView_Wallpaper.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{C2FAC69C-40FC-4E56-93E2-4ECB1D8D999F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B76BED3-8BAF-4B4A-91F8-D355859857EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9E19944B-760C-48A2-8275-389B95A43D57}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AF6E4CEB-46FF-40E2-8F4A-E7305599F612}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{94DC5D9D-6C4C-4E79-BE41-7638F6906BA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C2057AC8-2A64-4E1C-89D6-3CDDA7561A3A}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{BEFC7A58-862E-4060-801B-DB4F874B842B}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{34AE263B-26B7-450F-96EB-80FF0CEA25A7}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [UDP Query User{3DE1FA43-E972-4FC1-AA01-377E77800CE4}C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe] => (Allow) C:\program files (x86)\arcsoft\totalmedia theatre 6\totalmedia server\tm server.exe
FirewallRules: [{16EB805B-0BC6-4D21-A45A-FCB5D9483D1C}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A7FBE293-5D3F-4D11-99AF-1F23AE04EE48}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E0EE4911-7A41-4CF0-B00A-1BAC6F4C90A7}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{6165FEC5-A0D8-465E-8CFC-C90A2A48F9C6}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [TCP Query User{725D5B2B-3B88-4421-B21F-8C9AD6DECAE8}D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [UDP Query User{2371A017-41F8-47B1-BCED-F4E96F3F7C4C}D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe] => (Allow) D:\users\andre\documents\starcitizen\citizenclient\bin64\starcitizen.exe
FirewallRules: [{AB97D161-DDDC-4998-94F6-5C59217FDC81}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{AAE2E4EA-7C9E-4F11-9847-2295739CCB07}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe
FirewallRules: [{CB572621-A223-41B0-B60D-7CF4FFE9F2AA}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8EE3F803-3C56-49F0-8BF3-C227A56F41A0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{E5B89517-EBBF-4E84-BA47-550E9BF21D36}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CBBA3F09-0F37-46B0-AD9D-CBF091B695BB}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BEF0C3DC-3F5A-4CFF-897F-C3C4B18CAEE6}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E6D01DCC-6C93-408E-9E33-DFFE68E5B022}C:\users\andre\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andre\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{96110CDB-4F15-483A-A8AA-F3492C0E5871}C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe] => (Allow) C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe
FirewallRules: [UDP Query User{B2AACA04-7619-4F2F-8125-1276A2531B28}C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe] => (Allow) C:\users\andre\desktop\przoeaacstbebu27\project.zomboid.early.access.steam.beta.build.v29-raf\projectzomboid64.exe
FirewallRules: [TCP Query User{8DEB902C-52FA-446C-8EED-4542925406EF}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{A9B06A69-E59D-4DEC-8181-B2C41693314F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{3AF0CAFF-8724-4D20-8A86-4282769F2186}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D9F879F0-BE98-4B1B-9887-226E43374A6F}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{3651962B-0645-4E7E-9011-29495147780D}F:\far cry 4\bin\farcry4.exe] => (Block) F:\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{7DDDDA87-A348-4848-9E1E-7BE5E459D963}F:\far cry 4\bin\farcry4.exe] => (Block) F:\far cry 4\bin\farcry4.exe
FirewallRules: [{21194D24-FCF1-4AFD-B967-20138FED04C1}] => (Allow) D:\SteamLibrary\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{72DD1A2A-AE4D-48F2-8630-5A8D2A250F3D}] => (Allow) D:\SteamLibrary\SteamApps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{91E7DC56-0E45-4ED5-B48D-F8AFA89850BB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{FECA188C-812D-4BDB-9E9F-ACC337BE2D62}] => (Allow) LPort=2869
FirewallRules: [{4638ED2E-0579-42FE-B371-69A7134CC7A1}] => (Allow) LPort=1900
FirewallRules: [{42368F2B-023F-499B-B74E-8534EB7BCD29}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{30563856-A6EB-4186-AE11-954E10C9A273}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{76E5C045-F125-4430-B350-3593E9DA9CD7}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{6CCB1678-A033-4ADE-8F1E-97A8213DC179}] => (Allow) D:\Battle.net\Battle.net.exe
FirewallRules: [{9EC48815-A646-4D70-B559-37742A9981DC}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{C7108AF7-21C5-4310-B77D-0901D7495788}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{3BC1A4E2-9B75-449D-A8D0-126A2A70CCBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{978618C8-6C7E-494C-B5B3-CB9A0DD17FE8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6C09DA19-993A-4D7A-A60F-27B495178299}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{56DA53F8-872E-43B8-AA66-22A261E98E7C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4A4E1DB-9225-4485-B1DB-B0EC10E4D5F5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{6362C7DC-6B56-4D18-8F7D-E43F9497D0AE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{4A179002-7F1C-4773-B9FE-2BA7FACA3676}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{14CF6587-3130-4374-9F2E-02A2929B612C}] => (Allow) D:\Hearthstone\Hearthstone.exe
FirewallRules: [{75F41A19-F0E8-4DAE-A955-24CEE0B30BD5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{51F17CDF-FCEB-4FC0-A893-9A875581C7FB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{4C449F94-9CC3-4D9A-85BF-403BCE68EAF1}] => (Allow) D:\SteamLibrary\SteamApps\common\TheCatLady\TheCatLady.exe
FirewallRules: [{EFB77C54-0138-4377-A629-5989E1D55771}] => (Allow) D:\SteamLibrary\SteamApps\common\TheCatLady\TheCatLady.exe
FirewallRules: [{8BA409E6-B78A-483E-814E-3263A5D9DF6A}] => (Allow) D:\SteamLibrary\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{1E914A06-BCEF-4DA4-B605-D1C320AFA797}] => (Allow) D:\SteamLibrary\SteamApps\common\Hotline Miami 2 Wrong Number Digital Comic\hlm2comics.exe
FirewallRules: [{6AAD9491-A2CE-4141-A305-573938FB5AD2}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [{CAAA22D6-B84A-434D-8078-7C1AEAD0E39D}] => (Allow) D:\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{7C8D008C-FE61-4F33-B33F-5FCD738EECB5}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{F19CEFD5-44DC-44BC-9AAD-716719BDEBA1}D:\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{C984F5F6-C71D-4A89-A6DC-062AED429199}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{A801B756-814D-48BB-AE16-DFF19E4074E3}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{6479B97B-DC03-4EEE-B717-B4342A17E326}D:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{1F5F1622-B813-4A31-9F50-53EF8F04A297}D:\steamlibrary\steamapps\common\war thunder\aces.exe] => (Allow) D:\steamlibrary\steamapps\common\war thunder\aces.exe
FirewallRules: [{8E90806F-0AF6-49B1-8E78-1AB9163C6B41}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7CE23BAE-6482-48D4-9042-725B9A00B941}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{70A00908-A1BC-4193-8910-CB9D7EA415C5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5A89FEC4-D232-4193-AF6B-B435A489F1EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6B365EAC-FD4E-446F-9E93-C224FCF44517}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{15F7A1F8-ADA2-4954-8D2A-1C2E5736C2BB}D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) D:\steamlibrary\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{10752EEC-0D84-4D67-B34B-3B6243C38837}F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{32ED971F-AA35-4B77-8EDF-DFE28D7DE2DF}F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Allow) F:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{2B80EDBC-4180-4162-826C-87D559CD97C6}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{5AD9B50D-79FF-4F6D-93A0-4C9F355FA8DD}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A58C75FD-857D-4F33-9AA1-C9E33211DB3E}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [TCP Query User{25AAA633-D28E-4E85-9C68-6444795DC988}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [UDP Query User{7F5AA872-626B-465F-9C9C-96B1C8E1FC84}D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) D:\steamlibrary\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe
FirewallRules: [{9F40FF65-A072-4E1B-9BF0-F5AB3A987644}] => (Allow) D:\SteamLibrary\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [{65AC17C5-6E5E-405D-A644-B25E886BB183}] => (Allow) D:\SteamLibrary\SteamApps\common\Luftrausers\bin\Luftrausers.exe
FirewallRules: [TCP Query User{D01E2CC0-FDC7-4B00-88B3-5F0A2D965C43}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{1EB63D1F-B35C-4CF9-9413-A97AA8A19CB1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{4A103B1D-61E6-4FEA-AF16-EF936ADE5BF9}] => (Allow) D:\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{B7CE41DF-91CE-46FA-B001-12284BC583F9}] => (Allow) D:\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{938C600D-CB4B-48F1-87B3-F890F28F4C5A}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{C772A154-D985-4D6D-850E-7036D8CD9008}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos.exe
FirewallRules: [{AE7FA736-A286-4822-A1B7-D728D7BF7B95}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{66C02627-B77F-419A-B531-116440ADE725}] => (Allow) D:\SteamLibrary\SteamApps\common\The Talos Principle\Bin\Talos_Unrestricted.exe
FirewallRules: [{58CA2678-589E-42C7-86EB-80CF7AA3BD19}] => (Block) D:\Program Files (x86)\Jotun\Jotun.exe
FirewallRules: [{BD0EBF8E-E786-48B7-BEC0-608CF02224C0}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{0204B525-3889-4C4F-9742-21226A07A119}] => (Allow) D:\SteamLibrary\SteamApps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [TCP Query User{4401F80D-C72D-4A13-BF0B-DA30145C36DB}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{BA1DCEA8-22DB-4626-8F78-93650649BD70}D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) D:\steamlibrary\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{4B290E05-A129-408C-94D6-9B2AF1A2031A}] => (Allow) D:\SteamLibrary\SteamApps\common\Bloodbath Kavkaz\nw.exe
FirewallRules: [{F3F59DF7-5669-45F3-A2A5-3042127AE3F4}] => (Allow) D:\SteamLibrary\SteamApps\common\Bloodbath Kavkaz\nw.exe
FirewallRules: [{B35B066E-248A-48DE-9423-823A78D25016}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{AF88C2E0-DF57-4177-992C-A042C35A75F6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{F84512FD-535C-41EC-9185-5C376CBB286C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{7CF7589E-A590-4E8F-AE67-0FAEB8A3FEB7}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{8C1E29F6-D81F-4FA8-9E94-9AE0806DCB60}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{82C6DD6C-47C7-4309-B5B5-33421D476477}] => (Allow) D:\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [TCP Query User{1CF227C4-27C6-43E7-8E09-0C200889003B}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{57F6379C-6FA2-4AC2-A82F-4568A0ECE28B}D:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) D:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{180A84F7-EB5D-41D9-8AA9-10D25700DA21}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{38235B5B-957E-4B11-B4E2-5292E03165F0}D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe] => (Allow) D:\steamlibrary\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [{934688D1-3D32-4125-B0FE-B223F6A59AA1}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{914092BA-7FD7-4129-AABA-EBA0849D0E5A}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\HowToSurvive2.exe
FirewallRules: [{2CE2BCBE-9376-45A5-A8F5-2584BD600F63}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{40CB3B41-298A-4861-8C94-486386B0C53F}] => (Allow) D:\SteamLibrary\SteamApps\common\How to Survive 2\Exe\Detect.exe
FirewallRules: [{7551BAFF-BA18-470C-AE77-75D82C9D7F82}] => (Allow) D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{DFB2A976-221F-4EF0-8F3B-9EC57CBAA20D}] => (Allow) D:\SteamLibrary\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [TCP Query User{8CC73C3D-E5AF-4DEC-BFE0-71E4C017DCEA}D:\program files (x86)\firewatch\firewatch.exe] => (Block) D:\program files (x86)\firewatch\firewatch.exe
FirewallRules: [UDP Query User{65E73BAA-3B1A-4773-8494-9FC6FD457D12}D:\program files (x86)\firewatch\firewatch.exe] => (Block) D:\program files (x86)\firewatch\firewatch.exe
FirewallRules: [{A4A2F85A-D231-426F-B4A2-62CE1D1EC52E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FFD537F4-36F1-455A-BFE3-2CE654363B0E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9D849522-5371-42B7-A197-C2084586B5D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{45B5B145-83AE-4998-88BB-9F00516FBF7D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4CD88895-F298-40DF-9A40-8C5BD3D4AAC3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7887A2A1-7EAF-4B92-AF68-C534908B6067}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{EB1A2B12-7DC5-40DC-91BE-ADA1DC773574}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{83AA159B-D7FC-449F-8114-3A5A843FA495}D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) D:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [TCP Query User{AAAE5867-1B50-4D8C-8EC7-454FE4DF4DE9}D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe
FirewallRules: [UDP Query User{41302F01-F510-4604-AAAC-892CB7AC850D}D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe] => (Allow) D:\steamlibrary\steamapps\common\hearts of iron 3\hoi3_tfh.exe
FirewallRules: [TCP Query User{AA08C483-A496-4AD6-9834-63B5DF7D8128}D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [UDP Query User{B9909487-5B79-4E3C-AD9B-FC3BCF96F870}D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [{73096A2D-4ECA-40DC-B89A-8041F08298E0}] => (Allow) D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{5063C28A-FB06-4C24-A9F2-B330DD2826FE}] => (Allow) D:\SteamLibrary\SteamApps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{10AB8253-BCBC-4A9C-841C-1288157DE997}] => (Allow) D:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{0C862E9B-B166-4981-8473-9499AB457214}] => (Allow) D:\SteamLibrary\SteamApps\common\ShadowOfMordor\x64\ShadowOfMordor.exe
FirewallRules: [{825C0E61-6A25-4584-80E3-8D9D5833AB8F}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{93DA54F9-100A-4811-902A-6B299DEBAECF}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{B0822B4A-6A4F-4E28-87C5-2BEDD3233D57}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{723407BB-E2BB-4951-9334-6A262E3500E6}] => (Allow) D:\SteamLibrary\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{FD6632AB-4FD7-4F7F-B6EC-2F2C0319498D}] => (Allow) D:\SteamLibrary\SteamApps\common\Dropsy\Dropsy.exe
FirewallRules: [{06D8186D-8E3D-4E1B-A09B-4EEC1B4478CB}] => (Allow) D:\SteamLibrary\SteamApps\common\Dropsy\Dropsy.exe
FirewallRules: [TCP Query User{9FA64384-9CEB-4E02-8293-5CFD47AB97CF}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{18791EE8-738B-4CEB-B57E-EB9841328956}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{ACC7D05C-F1BE-4AA8-9CF9-E481918FD532}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{D53D5250-37F5-42CD-AC15-1547729298D2}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{9D5CDEC9-8E0C-4254-A64F-C3A7F75DDDDB}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{CB9FFF4D-5986-4F84-BEAF-90911DC6ABEE}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5914227A-7D4A-4A3D-B063-6836864A18B6}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{52D68170-AAD3-4228-9C2E-79166E5E6EC0}] => (Allow) D:\SteamLibrary\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{7B1D5410-F690-4162-9FA9-1DFDFA2D05BB}] => (Allow) D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{CA985A5F-E419-46B4-B6F4-9FD205495D27}] => (Allow) D:\SteamLibrary\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{26CC1832-B374-4FEC-BCF2-F00EE235EB55}] => (Allow) D:\SteamLibrary\SteamApps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{BD3A5BF7-8AE7-47F8-8367-4EB0EEC23A4A}] => (Allow) D:\SteamLibrary\SteamApps\common\Psychonauts\Psychonauts.exe
FirewallRules: [{1CB5E6DA-8303-4A12-BF2A-D6183D74E3DD}] => (Allow) D:\SteamLibrary\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{B224888A-15C7-4CAD-8B15-EA0BA0E91D82}] => (Allow) D:\SteamLibrary\SteamApps\common\Hacknet\Hacknet.exe
FirewallRules: [{87352C7F-5E34-481C-9328-F5BAF67C3FA6}] => (Allow) D:\SteamLibrary\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{BF16C83D-87F4-4E06-9AF1-655E17EB1E27}] => (Allow) D:\SteamLibrary\SteamApps\common\Transistor\x64\Transistor.exe
FirewallRules: [{2F88E092-A4CE-4BD0-9EF0-036355FA95E7}] => (Allow) D:\SteamLibrary\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{A9009DF7-2808-4518-93B8-736C80F69C9F}] => (Allow) D:\SteamLibrary\SteamApps\common\Shadow Warrior\dx11\launcher.exe
FirewallRules: [{0D26C32B-C1E9-4504-9D93-A3BE447DFD2E}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{EDC7CE51-F718-4190-A45B-4D18DE987B58}] => (Allow) D:\Games\Rayman Origins\gu.exe
FirewallRules: [{5A4505CE-2E51-498A-BF53-40ED19CC9F0D}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{F455FBBB-52A4-4B07-B36E-FE7BE7410600}] => (Allow) D:\Games\Rayman Origins\Rayman Origins.exe
FirewallRules: [{1901167E-4196-4819-8D2D-C1D659E31A01}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{4CE3A17C-127F-4FB4-8290-547A6149081D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{9F98F01F-90DE-40DC-8C0C-7C03BA6B2A6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5B81AA0D-C902-424D-ADBF-3608A036E3EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{751E1B5C-E143-429D-8D0D-FF26E3022025}D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [UDP Query User{90B74C2A-E390-4161-BB34-EEDA8AB5A721}D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe] => (Allow) D:\steamlibrary\steamapps\common\killerisdead\binaries\win32\kidgame.exe
FirewallRules: [{0C9EB28D-DD89-4772-8963-11017F9CC5B7}] => (Allow) D:\SteamLibrary\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{A8C2A354-4BC9-4102-895F-1B4E1E9B9BD7}] => (Allow) D:\SteamLibrary\SteamApps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{8F8C5235-67C9-41B2-9723-E1A23B2564F6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oxenfree\Oxenfree.exe
FirewallRules: [{960C036C-3E26-465F-8071-C5A94C9A8438}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oxenfree\Oxenfree.exe
FirewallRules: [{307F21CA-79CA-4B38-B482-6CADD139E679}] => (Allow) C:\Program Files (x86)\FlyVPN\FlyVPN.exe
FirewallRules: [{3556F4DE-D930-4535-B498-45DE49D5CF86}] => (Allow) D:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [{FA4EE65D-D337-4CFD-A068-39B4F9EAE3CF}] => (Allow) D:\SteamLibrary\SteamApps\common\Stellaris\stellaris.exe
FirewallRules: [TCP Query User{1C79F4B3-1FE4-4CCD-8468-1FED4B1291C3}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{3B267D48-F71D-4B67-A300-C0021364D30D}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{91293530-A823-4672-826E-63EF3082181D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8180F50F-1071-4595-A904-E38C5FEFC8B7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{71B181F5-E1D9-42EB-8A80-27910291979E}] => (Allow) D:\SteamLibrary\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{087F2906-2724-4D77-98E2-0C976A68D994}] => (Allow) D:\SteamLibrary\SteamApps\common\Undertale\UNDERTALE.exe
FirewallRules: [{278905C8-27C3-4140-B5B6-3BDA97E4D615}] => (Allow) D:\SteamLibrary\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{FAEF7861-4F41-4D7A-B2C2-5FB50A131FAD}] => (Allow) D:\SteamLibrary\SteamApps\common\tbs\win32\The Banner Saga.exe
FirewallRules: [{E8803789-3176-4C9A-ACC5-B2EAE66DDF4C}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F64A876C-30EE-4514-A23C-40CD7A86750E}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F57A6CD7-DEF4-46B1-9A69-D1A391F8905C}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{EE190FA2-9ED4-4501-BC50-4F8416050FDD}] => (Allow) D:\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{A9CCCC88-C63B-4C4F-B173-7EC34876D2DE}] => (Allow) D:\SteamLibrary\SteamApps\common\Silence of the Sleep\sots.exe
FirewallRules: [{6194AC7B-5423-454A-8782-E3748BE5ABAF}] => (Allow) D:\SteamLibrary\SteamApps\common\Silence of the Sleep\sots.exe
FirewallRules: [TCP Query User{C417D2F5-D9E0-4A62-85D8-333C05FE99B7}D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{E2B66D78-1886-4389-92D6-7848400F458E}D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) D:\steamlibrary\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{FA96B100-5007-4D27-8559-2C20DDCE4B36}] => (Allow) D:\SteamLibrary\SteamApps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{6909A5B8-89EA-4AED-9B39-762AB5AE107A}] => (Allow) D:\SteamLibrary\SteamApps\common\VA-11 HALL-A\VA-11 Hall A.exe
FirewallRules: [{791C38F5-856C-4A8C-8567-4A1AE086CAC6}] => (Allow) D:\SteamLibrary\SteamApps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{E46D7A1F-1D90-47F1-9534-7BCE1074DEE8}] => (Allow) D:\SteamLibrary\SteamApps\common\DEADBOLT\deadbolt_game.exe
FirewallRules: [{45B633CD-1AFE-49FB-A0E7-7A6CF2029556}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{243C6683-DB7F-4EFF-A19C-CCC9218E417E}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound.exe
FirewallRules: [{7299C000-8713-4298-9EAC-EF4C3E794066}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{62AD6B34-C774-4178-B691-F4CA16E8F5D4}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{A97485F1-A9BA-4F33-AB93-160BA3E8D803}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{EFAEA61A-DC82-45C3-901D-847D7D2EEE84}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{2798D427-C876-4A79-90F0-8C30D1CA1A61}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{13DA06C1-8C59-446B-963D-73677F6614BC}] => (Allow) D:\SteamLibrary\SteamApps\common\Starbound\win32\starbound.exe
FirewallRules: [{2D44DDD5-442F-4216-8B22-99CE34A6A389}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{4EC6E39A-60BC-431E-9190-00B5FF4FAD26}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{22E496BB-1D68-476B-8DCF-25AAD871CBD3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{7CAFC905-9292-4259-90B9-8F3EF446C68E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{4276D919-E52F-4CA4-B189-3FC44426AC8C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{72C66339-714D-4FA8-9A58-8E0B7E3D5480}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{2942F653-66C4-43AE-B15C-0DADCAE58A56}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{EF66CE43-17E7-46FC-A01C-E04D6C3B6CE5}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{50BC9B87-A4B2-42DA-9368-32481583C9BB}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{9C7C03DD-D047-41F9-B04A-061D2F770B56}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{37F49F6A-5CAD-44F5-9AF7-45E811576717}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1Trial.exe
FirewallRules: [{78BB7A67-475A-4E2C-9981-B339203E9049}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1Trial.exe
FirewallRules: [{21F31D07-1240-4624-BB50-E80D56543D57}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1.exe
FirewallRules: [{C5C61358-F155-4523-87AC-D4512BCA3B73}] => (Allow) D:\OriginSpiele\Battlefield 1\bf1.exe
FirewallRules: [{9CA0FF72-0E91-46EF-BFE6-2C3010BD5B6E}] => (Allow) D:\OriginSpiele\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{831D44F9-A475-48EB-815C-E42778C6B684}] => (Allow) D:\OriginSpiele\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{A2B39FF8-CF8E-49BD-97B5-D9AE83FEE6BA}D:\originspiele\mass effect 2\binaries\me2game.exe] => (Allow) D:\originspiele\mass effect 2\binaries\me2game.exe
FirewallRules: [UDP Query User{3181E566-00AA-4F6E-9539-5550FD0B3C6F}D:\originspiele\mass effect 2\binaries\me2game.exe] => (Allow) D:\originspiele\mass effect 2\binaries\me2game.exe
FirewallRules: [{E77E10D0-9E2B-4F19-B99E-D5A561E53363}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{8CDED4C9-8F44-4CE9-948D-F1BC2BA1A499}] => (Allow) D:\SteamLibrary\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{C08C6A8B-3F59-4BA2-8B9D-26506722E8CF}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{B6A4E769-8E69-4A7C-BD78-984632BF5C24}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{7433F307-F861-4F75-9524-C44D3F411252}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{C316829C-1610-48E8-BE9E-498F18B8CEAE}] => (Allow) D:\SteamLibrary\SteamApps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{78AA8B2C-04A9-433F-AFBF-BE4C1E3461F1}] => (Allow) D:\SteamLibrary\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [{70654E9C-D1FB-4131-8802-46CB15B38324}] => (Allow) D:\SteamLibrary\SteamApps\common\Dear Esther\dearesther.exe
FirewallRules: [TCP Query User{ABF5B990-E6B0-4BBE-BBCA-7ADCB49D41F7}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [UDP Query User{D23E8369-5B32-4891-A493-2F9FBAC2276A}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\launcher.exe
FirewallRules: [TCP Query User{8F9542E3-4424-4DAD-BE55-89E7DCAF2120}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [UDP Query User{A6C55AE4-7252-4F50-8EE5-D41D5C5EB259}D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe] => (Allow) D:\program files (x86)\1c game studios\il-2 sturmovik battle of stalingrad\bin\game\il-2.exe
FirewallRules: [{E6789A0A-A36F-4B83-B68F-28CD487FC1DE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5493D350-DA78-47BF-ACE8-BFCABAA99A3C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D79F1DAD-F92E-494C-B19D-F20D246B0844}] => (Allow) H:\tether\win32\node.exe
FirewallRules: [{EB83BD11-723D-44F3-A14F-BCEF89188227}] => (Allow) H:\tether\win32\node.exe
FirewallRules: [{F1B5FF84-3C17-4B5C-93CD-5126477CDAAF}] => (Allow) H:\GTAV\GTA5.exe
FirewallRules: [{B707F6A3-172E-4655-A4C9-BF5F18434D31}] => (Allow) H:\GTAV\GTA5.exe
FirewallRules: [TCP Query User{C695F77D-62AB-450A-A6B1-96D9F1568DD7}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{3E79334F-56BA-4B54-AE26-7D36E9DD31AB}D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\steamlibrary\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [{234842A4-3D8E-4AF0-B047-A2C0068962D1}] => (Allow) H:\Steam\steamapps\common\Steel Division\SteelDivision.exe
FirewallRules: [{2C4C4D12-AFAD-4082-A07A-B56935C1C419}] => (Allow) H:\Steam\steamapps\common\Steel Division\SteelDivision.exe
FirewallRules: [{29D71D6F-F861-438C-9F3E-AC71627DE80E}] => (Allow) H:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{608EA6E9-E480-4B61-9137-990A900E0151}] => (Allow) H:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{8748D21A-868D-4D72-A90D-64E89DCD1476}] => (Allow) H:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31BD2A9F-8036-4026-BF67-43F78E98BCD7}] => (Allow) H:\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{1C521185-0A9D-41BD-9057-84139ED0D8E1}H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{BC1FEB08-ACFC-41B5-B154-D92E5458D7B7}H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) H:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D4F5E943-CEF1-471A-A19A-1AE9E6B29910}] => (Allow) H:\Steam\steamapps\common\NO THING\no_thing.exe
FirewallRules: [{B59D1587-E45D-45B4-8CC9-4E401EB96A10}] => (Allow) H:\Steam\steamapps\common\NO THING\no_thing.exe
FirewallRules: [{F2D1BED8-1670-4147-A9AA-9C6FE42D9CB6}] => (Allow) H:\Steam\steamapps\common\The Swapper\TheSwapper.exe
FirewallRules: [{E60CCDD6-BF4D-4E80-B408-4A018186A0E9}] => (Allow) H:\Steam\steamapps\common\The Swapper\TheSwapper.exe
FirewallRules: [{E0A2E103-3A59-4154-91FB-EB19952FB50C}] => (Allow) H:\Steam\steamapps\common\Zup! 3\Zup! 3.exe
FirewallRules: [{0256113E-4A5A-4078-8C9E-05506350CCC6}] => (Allow) H:\Steam\steamapps\common\Zup! 3\Zup! 3.exe
FirewallRules: [{EA302952-0AF7-42FC-A645-AA4B2BECA4A4}] => (Allow) H:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{A9F1DC4D-B3CD-477E-8A04-4119721EA15F}] => (Allow) H:\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{ACEFDB44-BB7D-43FA-8D3D-E5F46AE49282}] => (Allow) H:\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{E0F21174-917E-4130-AC86-CB9F52C19B93}] => (Allow) H:\Steam\steamapps\common\Axiom Verge\AxiomVerge.exe
FirewallRules: [{3F66DB11-50DC-4CE8-BC7C-11ACC552857F}] => (Allow) H:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{015F9A22-4424-4421-A9BF-A6F5C8C72BB4}] => (Allow) H:\Steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe
FirewallRules: [{60155F17-FFD3-4FDE-AA7B-A628E70CDF3C}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{7079F4B3-7CA7-49B3-BF3E-865D9C6059EE}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe
FirewallRules: [{83164A87-72A8-4A0F-A77C-D5749064F15D}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{360C1853-25B1-4ABC-B1D1-88EBD1355DF3}] => (Allow) H:\Steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe
FirewallRules: [{0E555580-47B3-48F4-855C-F9495847153A}] => (Allow) H:\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{B5CFB90D-34AC-4564-9757-8F92E80B9E85}] => (Allow) H:\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{7BD979D4-EA12-434C-8958-E40EF46D0921}] => (Allow) H:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [{8D8BEFD0-C035-4428-ABAE-B9C7EA526294}] => (Allow) H:\Steam\steamapps\common\Hellblade\HellbladeGame.exe
FirewallRules: [TCP Query User{989AECB0-300E-4914-A5A7-B57769B424AD}H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [UDP Query User{ED538195-C0DC-4D74-BF09-2A4AAB6F4243}H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe] => (Allow) H:\steam\steamapps\common\hellblade\hellbladegame\binaries\win64\hellbladegame-win64-shipping.exe
FirewallRules: [{01526803-2AF0-483A-B0F6-CF984B632628}] => (Allow) H:\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [{D169830F-0506-4955-B543-648717040D12}] => (Allow) H:\Steam\steamapps\common\Squad\squad_launcher.exe
FirewallRules: [TCP Query User{99115819-BDD9-4D54-A9EA-371D27479702}H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [UDP Query User{44C2E0C1-987B-4456-BCCB-A7E1C38B8E12}H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe] => (Allow) H:\steam\steamapps\common\squad\squad\binaries\win64\squad.exe
FirewallRules: [{018A806C-C04C-46B6-94E3-37DB6C360B7D}] => (Allow) D:\SteamLibrary\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{1FFD48BF-137B-4FF2-973A-EA7F23F50077}] => (Allow) D:\SteamLibrary\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{5360C832-B2B3-4249-BAAA-7D76E3EEE8D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8065A110-DE18-474D-886B-22912871C3C0}] => (Allow) H:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5BF3E37D-77BC-4401-B65C-7C2CBA70B1CC}] => (Allow) H:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{2CC49BCA-F64F-488B-9F28-32F861D88E37}] => (Allow) H:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{B037865A-F8EE-44E8-BA79-B5114399566B}] => (Allow) H:\Steam\steamapps\common\HyperLightDrifter\HyperLightDrifter.exe
FirewallRules: [{97F3B2F4-DC55-4392-88BF-3400B0EF8285}] => (Allow) H:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{747B6E09-CEB1-4360-826D-566F515EFC67}] => (Allow) H:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{549BF1B5-7869-40D2-8DD6-5CFE42F325C9}] => (Allow) H:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [{830390BA-0228-48E0-8A62-818B4C46D29B}] => (Allow) H:\Steam\steamapps\common\hotline_miami\HotlineMiami.exe
FirewallRules: [TCP Query User{0E2AE35A-1040-4721-907E-8500DD92A478}D:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe] => (Allow) D:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe
FirewallRules: [UDP Query User{56BD1C61-69E6-4EBE-8A66-E7AE08558F4F}D:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe] => (Allow) D:\program files (x86)\wolfenstein the new order\wolfneworder_x32.exe

==================== Wiederherstellungspunkte =========================

17-09-2017 12:20:23 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: DroidCam Source 3
Description: DroidCam Source 3
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Dev47Apps.com
Service: DroidCamVideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: DroidCam Virtual Audio
Description: DroidCam Virtual Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Dev47Apps.com
Service: DroidCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-Win32 Adapter V9 for OpenVPN Accelerator
Description: TAP-Win32 Adapter V9 for OpenVPN Accelerator
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 for OpenVPN Accelerator
Service: tap0901_openvpn_accl
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2017 12:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamtray.exe, Version: 3.0.0.1169, Zeitstempel: 0x5997224a
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x59a63e00
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001aa3b6
ID des fehlerhaften Prozesses: 0x202c
Startzeit der fehlerhaften Anwendung: 0x01d3306ae78e98e2
Pfad der fehlerhaften Anwendung: D:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Pfad des fehlerhaften Moduls: D:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 26f12734-9c5e-11e7-b840-74d435b4f298

Error: (09/18/2017 12:43:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 3.0.0.1169, Zeitstempel: 0x599723f1
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x59a63e00
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001aa3b6
ID des fehlerhaften Prozesses: 0x16f4
Startzeit der fehlerhaften Anwendung: 0x01d3306ae0c4ac9f
Pfad der fehlerhaften Anwendung: D:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: D:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 26eba8e0-9c5e-11e7-b840-74d435b4f298

Error: (09/18/2017 12:43:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.1.0.556, Zeitstempel: 0x5988c3f1
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.1.0.556, Zeitstempel: 0x5988c3f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001b6596
ID des fehlerhaften Prozesses: 0xb3c
Startzeit der fehlerhaften Anwendung: 0x01d3306ae1406e1f
Pfad der fehlerhaften Anwendung: D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Pfad des fehlerhaften Moduls: D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Berichtskennung: 23c2e5c8-9c5e-11e7-b840-74d435b4f298

Error: (09/18/2017 03:48:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (09/17/2017 06:08:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 3.0.0.1169, Zeitstempel: 0x599723f1
Name des fehlerhaften Moduls: Qt5Core.dll, Version: 5.6.2.0, Zeitstempel: 0x59a63e00
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001aa3b6
ID des fehlerhaften Prozesses: 0x1d78
Startzeit der fehlerhaften Anwendung: 0x01d32fcf2e04364b
Pfad der fehlerhaften Anwendung: D:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Pfad des fehlerhaften Moduls: D:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Berichtskennung: 7ca8efaf-9bc2-11e7-b840-74d435b4f298

Error: (09/17/2017 06:08:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.1.0.556, Zeitstempel: 0x5988c3f1
Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.1.0.556, Zeitstempel: 0x5988c3f1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000001b6596
ID des fehlerhaften Prozesses: 0x13d8
Startzeit der fehlerhaften Anwendung: 0x01d32fcf2e40a3ed
Pfad der fehlerhaften Anwendung: D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Pfad des fehlerhaften Moduls: D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Berichtskennung: 6e1e306d-9bc2-11e7-b840-74d435b4f298

Error: (09/17/2017 01:27:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (09/17/2017 12:05:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass7_0.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/17/2017 12:05:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize()
   bei Avira.OE.ServiceHost.Program+<>c__DisplayClass7_0.<OnServiceStart>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (09/17/2017 05:07:20 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.


Systemfehler:
=============
Error: (09/18/2017 12:43:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2017 06:08:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2017 01:28:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
ArcCtrl

Error: (09/17/2017 01:27:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/17/2017 01:26:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Razer Game Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/17/2017 01:26:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Game Scanner erreicht.

Error: (09/17/2017 01:26:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/17/2017 01:26:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (09/17/2017 01:26:06 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (09/17/2017 01:26:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.


CodeIntegrity:
===================================
  Date: 2016-01-15 16:55:46.971
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andre\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.927
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Andre\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.213
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-15 16:55:46.167
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: AMD FX(tm)-8350 Eight-Core Processor 
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8173.53 MB
Verfügbarer physikalischer RAM: 4112.78 MB
Summe virtueller Speicher: 16345.24 MB
Verfügbarer virtueller Speicher: 11292.06 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:17.82 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:452.09 GB) NTFS
Drive f: (WTNewOrder) (CDROM) (Total:41.78 GB) (Free:0 GB) UDF
Drive h: (Volume) (Fixed) (Total:931.51 GB) (Free:513.34 GB) NTFS
Drive j: (EXTERN) (Fixed) (Total:931.51 GB) (Free:466.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CE4B2957)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 738A5F22)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 000D8F54)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 18.09.2017, 20:15   #10
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Schritt: 1
Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop.
SystemLook (64 bit)
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
    Code:
    ATTFilter
    :folderfind 
    *driver booster*
    :filefind
    *driver booster*
    :regfind 
    *driver booster*
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.

Schritt: 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 20.09.2017, 01:56   #11
SLGHTRRR
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 21:22 on 18/09/2017 by Andre
Administrator - Elevation successful

========== folderfind ==========

Searching for "*driver booster*"
C:\Program Files (x86)\IObit\Driver Booster	d------	[21:19 23/01/2017]
C:\ProgramData\IObit\Driver Booster	d------	[21:19 23/01/2017]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4	d------	[21:19 23/01/2017]
C:\Users\All Users\IObit\Driver Booster	d------	[21:19 23/01/2017]
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Booster 4	d------	[21:19 23/01/2017]
C:\Users\Andre\AppData\Roaming\IObit\Driver Booster	d------	[21:18 23/01/2017]

========== filefind ==========

Searching for "*driver booster*"
C:\Program Files (x86)\IObit\Driver Booster\4.2.0\Driver Booster 4.lnk	--a---- 1274 bytes	[21:19 23/01/2017]	[21:19 23/01/2017] BDAD42ED9E7DA5F24A4F45DD3D6675CF
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4\Driver Booster 4.lnk	--a---- 1400 bytes	[21:19 23/01/2017]	[21:19 23/01/2017] 55D742BFD2A2C501789C9EDAE4EFBE77
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Booster 4\Driver Booster 4.lnk	--a---- 1400 bytes	[21:19 23/01/2017]	[21:19 23/01/2017] 55D742BFD2A2C501789C9EDAE4EFBE77
C:\Users\Public\Desktop\Driver Booster 4.lnk	--a---- 2306 bytes	[21:19 23/01/2017]	[23:27 23/01/2017] 04FFE308E3E80D2F4347FC1E3B19C25A
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Andre)	--a---- 2886 bytes	[21:19 23/01/2017]	[20:49 16/09/2017] 5E6FDC3BB2DB091F47C781DF53A8497E

========== regfind ==========

Searching for "*driver booster*"
No data found.

-= EOF =-
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# end=init
# utc_time=2017-09-18 07:28:50
# local_time=2017-09-18 09:28:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=41221
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 34781
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# end=updated
# utc_time=2017-09-18 07:40:54
# local_time=2017-09-18 09:40:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# engine=34781
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-09-18 10:57:24
# local_time=2017-09-19 12:57:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 13548 57835396 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 93674629 257405294 0 0
# scanned=596529
# found=2
# cleaned=0
# scan_time=11789
sh=44D503086FA259F9020590C385D291AF1544A5F5 ft=1 fh=984b85e9a3ae25e9 vn="Win32/FusionCore.L eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Andre\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe"
sh=46EF1DAF04CA4A8A5D8BE7E962870451D46C0295 ft=1 fh=89e7fc79b2dabb4d vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="D:\Driver Booster Free - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# end=init
# utc_time=2017-09-19 11:31:31
# local_time=2017-09-19 01:31:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 34787
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# end=updated
# utc_time=2017-09-19 11:32:16
# local_time=2017-09-19 01:32:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=061f3df3bfe6ca4fb5d8ecec658476fc
# engine=34787
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-09-19 02:41:52
# local_time=2017-09-19 04:41:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 12456 57892064 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 93731297 257461962 0 0
# scanned=647160
# found=2
# cleaned=2
# scan_time=11375
sh=44D503086FA259F9020590C385D291AF1544A5F5 ft=1 fh=984b85e9a3ae25e9 vn="Win32/FusionCore.L eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="C:\Users\Andre\AppData\Roaming\PowerISO\Upgrade\PowerISO6-x64.exe"
sh=46EF1DAF04CA4A8A5D8BE7E962870451D46C0295 ft=1 fh=89e7fc79b2dabb4d vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung (Gesäubert durch Löschen)" ac=C fn="D:\Driver Booster Free - CHIP-Installer.exe"
         

Alt 20.09.2017, 05:17   #12
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Schritt: 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: F - F:\setup.exe
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\...\MountPoints2: {bb40fb4b-66d3-11e4-b154-74d435b4f298} - G:\setup.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-146311287-3911743294-2340431242-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-09182017124356790\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=55&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&SSPV="
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=MA1CA9458-F849-401C-B3FA-4BF4E7A6441C&SearchSource=58&CUI=&UM=8&UP=SP132290FE-315E-4927-9DD6-36D8EA7647E1&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> trovi.search
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Extension: (Amazon) - C:\Users\Andre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2014-11-21]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Andre\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-10-02]
S3 ALSysIO; \??\C:\Users\Andre\AppData\Local\Temp\ALSysIO64.sys [X] <==== ACHTUNG
Task: {EC01BBD5-3ADD-441C-91AC-5EA7F14F87EB} - System32\Tasks\Driver Booster SkipUAC (Andre) => C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe [2017-01-10] (IObit)
AlternateDataStreams: C:\Windows\Temp:$DATA [16]
FirewallRules: [{2D44DDD5-442F-4216-8B22-99CE34A6A389}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{4EC6E39A-60BC-431E-9190-00B5FF4FAD26}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DriverBooster.exe
FirewallRules: [{22E496BB-1D68-476B-8DCF-25AAD871CBD3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{7CAFC905-9292-4259-90B9-8F3EF446C68E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\DBDownloader.exe
FirewallRules: [{4276D919-E52F-4CA4-B189-3FC44426AC8C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
FirewallRules: [{72C66339-714D-4FA8-9A58-8E0B7E3D5480}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.2.0\AutoUpdate.exe
C:\Program Files (x86)\IObit\Driver Booster
C:\ProgramData\IObit\Driver Booster
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
C:\Users\All Users\IObit\Driver Booster
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
C:\Users\Andre\AppData\Roaming\IObit\Driver Booster
C:\Users\Public\Desktop\Driver Booster 4.lnk
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Schritt: Frage
Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 26.09.2017, 03:09   #13
burningice
/// Malwareteam
 
Driver Booster unmöglich zu deinstallieren - Standard

Driver Booster unmöglich zu deinstallieren



Hallo,
benötigst Du noch weiterhin Hilfe ?

Sollte ich innerhalb der nächsten 24 Stunden keine Antwort von dir erhalten, werde ich dein Thema aus meinen Abos nehmen und bekomme dadurch keine Nachricht über neue Antworten.

Das Verschwinden der Symptome bedeutet nicht, dass dein System schon sauber ist
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort

Themen zu Driver Booster unmöglich zu deinstallieren
antivir, avira, avira antivir, deinstallieren, driver, einfach, forum, freund, funktionen, guten, heute, lange, lösung, namens, nicht mehr, ordner, problem, programm, programme, quarantäne, rechner, systemsteuerung, thema, unmöglich, wirklich



Ähnliche Themen: Driver Booster unmöglich zu deinstallieren


  1. Trojaner TR/Decep.IObit.EM aus Driver Booster, in Avira Quarantäne oder "False positive"? (Identisches Problem wie Elenya (heute, 20:20))
    Mülltonne - 22.03.2017 (10)
  2. Automatische Updates/Driver Booster--- GUT/SCHLECHT
    Diskussionsforum - 02.03.2017 (9)
  3. Iolo Energy Booster Service
    Plagegeister aller Art und deren Bekämpfung - 12.03.2015 (1)
  4. Win7 bootet nicht/ driver aswrvrt.sys / driver CLASSPNP.SYS
    Log-Analyse und Auswertung - 08.01.2015 (31)
  5. Windows Protection Booster entfernen
    Anleitungen, FAQs & Links - 05.03.2014 (2)
  6. Windows AntiVirus Booster entfernen
    Anleitungen, FAQs & Links - 01.03.2014 (2)
  7. Windows Ultimate Booster entfernen
    Anleitungen, FAQs & Links - 27.01.2014 (2)
  8. Windows Activity Booster entfernen
    Anleitungen, FAQs & Links - 09.12.2013 (2)
  9. Pando Media Booster lässt sich nich deinstallieren
    Mülltonne - 18.09.2012 (0)
  10. Windows Internet Booster entfernen
    Anleitungen, FAQs & Links - 05.05.2012 (2)
  11. Pando Media Booster
    Alles rund um Windows - 15.04.2012 (3)
  12. Frage zu Game Booster
    Diskussionsforum - 22.07.2011 (14)
  13. pando media booster - Ist das gefährlich?
    Plagegeister aller Art und deren Bekämpfung - 19.10.2009 (1)
  14. Worm win32 Net booster
    Plagegeister aller Art und deren Bekämpfung - 05.09.2008 (3)
  15. booster Win32 wurm
    Plagegeister aller Art und deren Bekämpfung - 02.08.2008 (14)
  16. Mein Plagegeist ist ein Booster
    Plagegeister aller Art und deren Bekämpfung - 08.04.2005 (1)
  17. Booster verwirrt Windows?
    Mülltonne - 08.04.2005 (1)

Zum Thema Driver Booster unmöglich zu deinstallieren - Guten Tag erstmal! So. Da ich mich nun lange genug mit dem Thema gequält habe und einfach keine Lösung finde, wende ich mich nun hier an dieses Forum und hoffe, - Driver Booster unmöglich zu deinstallieren...
Archiv
Du betrachtest: Driver Booster unmöglich zu deinstallieren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.