Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.06.2018, 09:55   #1
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Frage

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Guten Tag alle,

Bin jetzt nicht komplett Leie und hatte bisjetzt keine Infektionen auf meinem PC (denke ich mal), jedoch nachdem ich katie.runtnc.net als Meldung bekam, geblockt von Malwarebytes Premium (endless Lizenz) und ich mal herumgeforscht hatte, so bei euch aufs Board kam und mir eueren Artikel gelesen hatte, wo ein anderer User das auch hatte, habe ich selber erstmal versucht herauszufinden ob und was da im Firefox los war.

Ich weiss nicht ob ich nun infiziert bin oder nicht, und eure Hilfe waere super, um herauszufinden ob ich bin, zu lernen wie ich meine Logs lese und wenn es ein Plagegeist gibt ihn zu entfernen (damit ich in Zukunft auch analysieren kann und so vielleicht michselber aber auch anderen helfen kann) und ich wieder sicher meinen PC nutzen kann.

System: Windows 7 Ultimate 64 bit, alle Updates gemacht
Sicherheitssoftware: Kaspersky Total Security, Malwarebytes Premium

Was is geschehen?

Das Problem trat auf einmal auf als ich Firefox offnete, die Webseite www.wealthyaffiliate.com eingab und Malwarebytes katie.runtnc.net blockierte da diese Webseite als Erste erschien (umgeleitet), da ist ja ein Infekt, denn ich kenne diese Webseite nicht, noch hatte ich diesen hinzugefuegt noch eingegeben.

Einen Scan mit Kaspersky, Malwarebytes und Malwarebytes Anti Rootkit ergab nichts.

Einige Tage davor, hatte ich einen USB Stick von einem Freund eingesteckt, dass sich jedoch als ein Mauskontroller Stick herausstellte, der Stick wurde nicht als Laufwerk erkannt sondern als Remote Stick.

Mein PC hatte ich heruntergefahren da ich meine Wohnung umgebaut hatte, nach Anschluss und Start, eben Firefox, kam dann diese Meldung. Ob es mit dem Stick zusammenhangt kann ich nicht sagen.

Desweiteren ist folgendes geschehen (gestern), komische Meldung auf Facebook (you have not sufficient rights to do this) obwohl ich gar nichts machte, Outlook Meldung (gebe Passwort ein von meine Email Konten (nicht gemacht)), Outlook Meldung: Fehler konnte Nachricht nicht in einer meiner pst files verschieben.

Hatte dann mit Kaspersky, Malwarebytes und Malwarebytes Rootkit gescannt aber nichts gefunden, hatte dann Router, DSL Modem ausgeschaltet und heutemorgen wieder eingeschaltet. Nun erschienen 2 Nachrichten in Outlook auf mein Haupt Einbox. Die PST hatte ich dann mit Scanpst ueberprueft und es ergab sich einige leichte Fehler die ich behoben hatte. Ob da eine Infektion ist, keine Ahnung.

Bei euch angemeldet, jedoch bekam ich keine Email von euch, auch nicht im Spamfolder, selbsttest mir eine Email zu schicken funktionierte aber, habe dann Email Addresse geandert und auf meien Webseite Email Konto geandert damit ich mein Konto hier aktivieren konnte.


Mein PC benimmt sich jetzt normal, aber nun zur Frage, bin ich infiziert oder doch nicht?

Hatte vorgestern den FRST scan durchgefuehrt und haenge die mit an.

Schon mal Danke fuer eure Hilfe, waere Super neues dazu zu lernen und meinen PC zu cleanen sollte sich doch herausstellen dass ich infiziert bin.

Mit den Besten Gruessen,
ToLiNoLi
Angehängte Dateien
Dateityp: txt FRST.txt (78,1 KB, 22x aufgerufen)
Dateityp: txt Addition.txt (91,6 KB, 24x aufgerufen)
Dateityp: txt malwarebytes katie.txt (685 Bytes, 15x aufgerufen)
Dateityp: txt malwarebytes scan 30-06.txt (1,3 KB, 14x aufgerufen)

Geändert von ToLiNoLi (30.06.2018 um 10:29 Uhr)

Alt 30.06.2018, 14:59   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 30.06.2018, 15:23   #3
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Icon17

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



ups, konnte den # nicht finden und dachte haenge es dann als Datei an da es als Option angeboten wurde.

Hier ist die erste Datei


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Maci (administrator) on CUKI (28-06-2018 02:19:20)
Running from C:\Users\Maci\Desktop\Downloads
Loaded Profiles: Maci (Available Profiles: Maci & Work & Joker)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
(Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Livescribe) C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
() C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimeLineAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avpui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3784400 2018-06-06] (Malwarebytes)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\Run: [MindMaster] => D:\MindMaster\MindMasterV2.exe [3867648 2012-07-25] (-)
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MountPoints2: {a8d11759-945e-11e5-a3be-806e6f6e6963} - H:\PWAutoRun.exe
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MountPoints2: {ae5a3432-5b44-11e4-b1d7-14dae91528d9} - J:\Setup.exe
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MountPoints2: {bb5a1d2f-4bcb-11e3-b4ae-14dae91528d9} - I:\Imageviewer.exe
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MountPoints2: {ce69c65f-dbde-11e0-8913-806e6f6e6963} - H:\tatu.exe
HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MountPoints2: {dfe7125f-4fcc-11e3-b72d-14dae91528d9} - I:\setup.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => D:\garmin 2595\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{C5C6D041-FC80-4D70-BB4B-3B7E97B19FB3}: [DhcpNameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
URLSearchHook: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000 - (No Name) - {9d81af43-de53-48d0-a199-42c2a226b24c} - No File
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
SearchScopes: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000 -> DefaultScope {EEA7C303-D65A-448B-AAF5-C3F5A19BEC91} URL = 
SearchScopes: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000 -> {EEA7C303-D65A-448B-AAF5-C3F5A19BEC91} URL = 
BHO: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-03-03] (AO Kaspersky Lab)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Kaspersky Protection -> {0E2877D3-2641-4970-B794-A553E295428D} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-03-03] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\IEExt\ie_plugin.dll [2018-03-03] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\IEExt\ie_plugin.dll [2018-03-03] (AO Kaspersky Lab)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

FireFox:
========
FF ProfilePath: C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default [2018-06-28]
FF user.js: detected! => C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\user.js [2015-05-11]
FF Homepage: Mozilla\Firefox\Profiles\8bdexv0s.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\8bdexv0s.default -> type", 0
FF Extension: (about:addons-memory 2016) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\about-addons-memory@sturdiguns.org.xpi [2016-10-16] [Legacy]
FF Extension: (DoubleClick Save Picture) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\doubleclick-picture@windpr.tw.xpi [2016-04-27] [Legacy]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-21] [Legacy]
FF Extension: (Firebug) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\firebug@software.joehewitt.com.xpi [2017-06-11] [Legacy]
FF Extension: (HTML5 Video Everywhere) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\html5-video-everywhere@lejenome.me.xpi [2017-10-01]
FF Extension: (HTTPS Everywhere) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\https-everywhere@eff.org.xpi [2018-06-28]
FF Extension: (Tab Memory Usage) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\jid1-fRvgLzKONCsPew@jetpack.xpi [2016-10-16] [Legacy]
FF Extension: (uBlock Origin) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\uBlock0@raymondhill.net.xpi [2018-06-28]
FF Extension: (UnPlug) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\unplug@compunach.xpi [2017-06-10] [Legacy]
FF Extension: (Webutation) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2016-04-27] [Legacy]
FF Extension: (NoScript) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-05-30]
FF Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2018-06-06]
FF Extension: (Adblock Plus) - C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-16]
FF SearchPlugin: C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\searchplugins\ixquick-https.xml [2012-03-06]
FF SearchPlugin: C:\Users\Maci\AppData\Roaming\Mozilla\Firefox\Profiles\8bdexv0s.default\searchplugins\ixquick.xml [2012-03-06]
FF HKLM\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2018-05-05]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_A07576A3CEBC4A72A8CF2C925907DB05@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-08-29] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-08-29] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-08-29] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.116.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-04-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-08-29] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin HKU\S-1-5-21-2184708151-3983908632-3959256547-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Maci\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-20] (Citrix Online)
FF Plugin HKU\S-1-5-21-2184708151-3983908632-3959256547-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-08-29] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2184708151-3983908632-3959256547-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-05] ()

Chrome: 
=======
CHR Profile: C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default [2018-04-27]
CHR Extension: (Slides) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-20]
CHR Extension: (Docs) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-20]
CHR Extension: (Google Drive) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-20]
CHR Extension: (YouTube) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-20]
CHR Extension: (Sheets) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-20]
CHR Extension: (Google Docs Offline) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-20]
CHR Extension: (Jimdo-Devkit) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcpccfapidnllgbpkaliknnlmiihacp [2018-01-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-26]
CHR Extension: (Gmail) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-20]
CHR Extension: (Chrome Media Router) - C:\Users\Maci\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-17]
CHR HKLM\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk
CHR HKLM-x32\...\Chrome\Extension: [mchjnmdbdlkdbfliogedbnpnanfjnolk] - hxxps://chrome.google.com/webstore/detail/mchjnmdbdlkdbfliogedbnpnanfjnolk

Opera: 
=======
OPR Extension: (Video Downloader Multiformat) - C:\Users\Maci\AppData\Roaming\Opera Software\Opera Stable\Extensions\beemgnphifpbdehfmohojkhlklfaddih [2017-09-23]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\avp.exe [354672 2017-01-24] (AO Kaspersky Lab)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-12-07] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-09-03] (Creative Labs) [File not signed]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2012-11-11] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S4 DDJ-SZ_AutoSetup; C:\Program Files (x86)\Pioneer\DDJ-SZ\DDJ-SZ_AutoSetup.exe [79856 2014-01-06] ()
R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [138032 2012-04-13] (Portrait Displays, Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
S4 Garmin Device Interaction Service; D:\garmin 2595\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [673856 2014-06-18] (Genie9)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 klvssbridge64_18.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\vssbridge64.exe [426416 2018-03-03] (AO Kaspersky Lab)
S3 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-03] (Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-27] (NVIDIA Corporation)
R2 PenCommService; C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommService.exe [473088 2015-01-13] (Livescribe) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-16] ()
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [776848 2012-02-21] (Mister Group)
S4 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [242176 2016-04-25] (Golden Frog, GmbH.) [File not signed]
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-05] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [247008 2016-12-26] (AO Kaspersky Lab)
S3 DDJ-SZAudio; C:\Windows\System32\drivers\DDJ-SZAudio64.sys [41968 2014-01-06] (Pioneer Corporation.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-06-06] (Malwarebytes)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [129448 2017-09-19] (Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [89800 2017-08-24] (Future Technology Devices International Ltd.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [70880 2017-12-24] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [119496 2018-05-05] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78216 2016-06-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [206024 2018-05-05] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1192128 2018-05-05] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1073344 2018-05-05] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [56520 2018-05-05] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [57568 2016-12-23] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [58592 2016-12-07] (AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50672 2017-12-24] (AO Kaspersky Lab)
S3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [81904 2017-12-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [142024 2018-05-05] (AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [199392 2017-12-24] (AO Kaspersky Lab)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2017-08-18] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2017-08-18] (Logitech Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-05] ()
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-06-06] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-06-27] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-06-27] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-27] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94840 2018-06-28] (Malwarebytes)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2016-05-16] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50808 2017-10-27] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-05-18] (NVIDIA Corporation)
R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [20784 2012-04-13] (Portrait Displays, Inc.)
S3 PulseUsb; C:\Windows\System32\DRIVERS\PulseUsb.sys [26112 2015-01-13] (Windows (R) Win 7 DDK provider)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [163644 2017-06-03] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 tapvyprvpn; C:\Windows\System32\DRIVERS\tapvyprvpn.sys [44896 2016-04-25] (The OpenVPN Project)
R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [142944 2011-09-06] (Acronis)
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-28 02:04 - 2018-06-28 02:04 - 000001034 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-06-28 02:04 - 2018-06-28 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-06-28 02:04 - 2018-06-28 02:04 - 000000000 ____D C:\Program Files\VS Revo Group
2018-06-28 01:53 - 2018-06-28 02:19 - 000000000 ____D C:\FRST
2018-06-28 01:39 - 2018-06-28 01:39 - 000384062 _____ C:\Users\Maci\Desktop\iyfnzgb.com und katie.runtnc.net erscheinen einfach im Browser Betreff - Seite 2.pdf
2018-06-25 17:24 - 2018-06-25 17:24 - 001056200 _____ C:\Users\Maci\Desktop\Goran Nadj - Google+ does not follow back promiser WA.pdf
2018-06-22 18:41 - 2018-06-22 18:41 - 000411393 _____ C:\Users\Maci\Desktop\Eladó használt OLDSMOBILE CUTLASS Brougham Ciera 3.0 V6 Gyári ál, 1983, Óceánkék színű - Használtautó.hu.pdf
2018-06-20 13:36 - 2018-06-20 13:36 - 000119251 _____ C:\Users\Maci\Desktop\5000-year-old stone balls continue to baffle archaeologists -- Secret History -- Sott.pdf
2018-06-20 13:36 - 2018-06-20 13:36 - 000075031 _____ C:\Users\Maci\Desktop\14 thought-control tactics narcissists use to dominate and confuse people -- Science of the Spirit -- Sott.pdf
2018-06-20 13:36 - 2018-06-20 13:36 - 000054479 _____ C:\Users\Maci\Desktop\The effects of sexy people on your intelligence -- Science & Technology -- Sott.pdf
2018-06-19 22:08 - 2018-06-19 22:08 - 000072894 _____ C:\Users\Maci\Desktop\How a Ouija Board influenced a modern murder trial -- High Strangeness -- Sott.pdf
2018-06-19 21:00 - 2018-06-19 21:00 - 004255521 _____ C:\Users\Maci\Desktop\Link Building Case Study_ How I Increased My Search Traffic by 110% in 14 Days.pdf
2018-06-19 20:54 - 2018-06-19 20:54 - 000892798 _____ C:\Users\Maci\Desktop\How to Start a Podcast_ Step by Step.pdf
2018-06-19 20:20 - 2018-06-19 20:20 - 005639179 _____ C:\Users\Maci\Desktop\17 Places to Learn Google Analytics Free in 2018 (From Beginner to Pro).pdf
2018-06-19 19:14 - 2018-06-19 19:14 - 000799283 _____ C:\Users\Maci\Desktop\The Skeptic's Guide to Getting Targeted Traffic from Google+.pdf
2018-06-19 15:32 - 2018-06-19 15:32 - 000115871 _____ C:\Users\Maci\Desktop\Manage Domains expire goldlikehunters and save 15 dollar.pdf
2018-06-17 10:02 - 2018-06-17 10:02 - 000372430 _____ C:\Users\Maci\Desktop\Eladó használt CHEVROLET MALIBU CLASSIC POLICE V8, 1980 - Használtautó.hu.pdf
2018-06-13 06:57 - 2018-06-24 07:19 - 000390320 _____ C:\Users\Maci\Desktop\Inventory list Multimedia Medium 2018 06.xlsx
2018-06-13 05:30 - 2018-05-29 22:36 - 000396960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 05:30 - 2018-05-29 21:40 - 000348824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 05:30 - 2018-05-29 04:43 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-06-13 05:30 - 2018-05-29 04:41 - 005577408 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 05:30 - 2018-05-29 04:41 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 05:30 - 2018-05-29 04:41 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-06-13 05:30 - 2018-05-29 04:41 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-06-13 05:30 - 2018-05-29 04:41 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-06-13 05:30 - 2018-05-29 04:35 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 004050624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-06-13 05:30 - 2018-05-29 04:32 - 003962048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-06-13 05:30 - 2018-05-29 04:32 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:32 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:25 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:22 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 04:03 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-06-13 05:30 - 2018-05-29 04:03 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-06-13 05:30 - 2018-05-29 04:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-06-13 05:30 - 2018-05-29 04:03 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-06-13 05:30 - 2018-05-29 04:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-06-13 05:30 - 2018-05-29 03:59 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-06-13 05:30 - 2018-05-29 03:59 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-06-13 05:30 - 2018-05-29 03:59 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-06-13 05:30 - 2018-05-29 03:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-06-13 05:30 - 2018-05-29 03:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-06-13 05:30 - 2018-05-29 03:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-06-13 05:30 - 2018-05-29 03:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-06-13 05:30 - 2018-05-29 03:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-06-13 05:30 - 2018-05-29 03:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 03:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 03:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 03:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-06-13 05:30 - 2018-05-29 03:56 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-06-13 05:30 - 2018-05-29 03:55 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-06-13 05:30 - 2018-05-29 03:55 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-06-13 05:30 - 2018-05-29 03:54 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-06-13 05:30 - 2018-05-29 03:54 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-06-13 05:30 - 2018-05-29 02:04 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-06-13 05:30 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 05:30 - 2018-05-25 06:59 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-06-13 05:30 - 2018-05-25 06:59 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-06-13 05:30 - 2018-05-25 06:46 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-06-13 05:30 - 2018-05-25 06:45 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-06-13 05:30 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 05:30 - 2018-05-25 06:44 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-06-13 05:30 - 2018-05-25 06:44 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-06-13 05:30 - 2018-05-25 06:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-06-13 05:30 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 05:30 - 2018-05-25 06:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-06-13 05:30 - 2018-05-25 06:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-06-13 05:30 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 05:30 - 2018-05-25 06:33 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-06-13 05:30 - 2018-05-25 06:32 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-06-13 05:30 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 05:30 - 2018-05-25 06:32 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-06-13 05:30 - 2018-05-25 06:32 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-06-13 05:30 - 2018-05-25 06:28 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-06-13 05:30 - 2018-05-25 06:24 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-06-13 05:30 - 2018-05-25 06:21 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-06-13 05:30 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 05:30 - 2018-05-25 06:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-06-13 05:30 - 2018-05-25 06:15 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-06-13 05:30 - 2018-05-25 06:15 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-06-13 05:30 - 2018-05-25 06:14 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-06-13 05:30 - 2018-05-25 06:14 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-06-13 05:30 - 2018-05-25 06:14 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-06-13 05:30 - 2018-05-25 06:13 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-06-13 05:30 - 2018-05-25 06:12 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-06-13 05:30 - 2018-05-25 06:10 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-06-13 05:30 - 2018-05-25 06:10 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-06-13 05:30 - 2018-05-25 06:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-06-13 05:30 - 2018-05-25 06:08 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-06-13 05:30 - 2018-05-25 06:08 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-06-13 05:30 - 2018-05-25 06:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-06-13 05:30 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 05:30 - 2018-05-25 06:06 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-06-13 05:30 - 2018-05-25 06:05 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-06-13 05:30 - 2018-05-25 06:05 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-06-13 05:30 - 2018-05-25 05:57 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-06-13 05:30 - 2018-05-25 05:57 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-06-13 05:30 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 05:30 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 05:30 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 05:30 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 05:30 - 2018-05-25 05:53 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-06-13 05:30 - 2018-05-25 05:52 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-06-13 05:30 - 2018-05-25 05:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-06-13 05:30 - 2018-05-25 05:51 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-06-13 05:30 - 2018-05-25 05:49 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-06-13 05:30 - 2018-05-25 05:48 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-06-13 05:30 - 2018-05-25 05:47 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-06-13 05:30 - 2018-05-25 05:45 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-06-13 05:30 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 05:30 - 2018-05-25 05:40 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-06-13 05:30 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 05:30 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 05:30 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 05:30 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 05:30 - 2018-05-25 05:37 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-06-13 05:30 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 05:30 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 05:30 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 05:30 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 05:30 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 05:30 - 2018-05-15 06:16 - 001681088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 05:30 - 2018-05-15 05:44 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2018-06-13 05:30 - 2018-05-15 05:44 - 001159680 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 05:30 - 2018-05-15 05:44 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 05:30 - 2018-05-15 05:44 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2018-06-13 05:30 - 2018-05-15 05:24 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2018-06-13 05:30 - 2018-05-15 05:23 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2018-06-13 05:30 - 2018-05-15 05:13 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2018-06-13 05:30 - 2018-05-15 05:13 - 000782848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 05:30 - 2018-05-15 05:13 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2018-06-13 05:30 - 2018-05-15 05:13 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2018-06-13 05:30 - 2018-05-15 05:01 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2018-06-13 05:30 - 2018-05-15 05:01 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2018-06-13 05:30 - 2018-05-15 03:20 - 000467856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 05:30 - 2018-05-15 03:20 - 000459632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 05:30 - 2018-05-12 04:07 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2018-06-13 05:30 - 2018-05-12 04:07 - 000033152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 05:30 - 2018-05-12 04:07 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2018-06-13 05:30 - 2018-05-11 23:19 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 05:30 - 2018-05-11 23:19 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-06-13 05:30 - 2018-05-11 23:19 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-06-13 05:30 - 2018-05-11 02:40 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 05:30 - 2018-05-11 02:40 - 000084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2018-06-13 05:30 - 2018-05-11 02:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-06-13 05:30 - 2018-04-06 18:39 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-06-13 05:30 - 2018-04-06 18:38 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-06-11 05:11 - 2018-06-11 05:11 - 000554335 _____ C:\Users\Maci\Desktop\Gamingelite's Profile at WealthyAffiliate.com.pdf
2018-06-11 05:07 - 2018-06-11 05:07 - 000701191 _____ C:\Users\Maci\Desktop\gaming elite - Google+.pdf
2018-06-10 16:57 - 2018-06-10 16:57 - 001945812 _____ C:\Users\Maci\Desktop\Darsh Singh - Google gave a spam answer.pdf
2018-06-08 17:30 - 2018-06-08 17:30 - 002054780 _____ C:\Users\Maci\Desktop\Buy & Sell - Pápa 08062018.pdf
2018-06-08 11:07 - 2018-06-08 11:07 - 007708886 _____ C:\Users\Maci\Desktop\Vitafit Étterem és Kávézó, Pápa.pdf
2018-06-08 04:41 - 2018-06-08 04:41 - 000185512 _____ C:\Users\Maci\Desktop\2 x Silbergrafiken Barbara Design Lüdinghausen _ eBay.pdf
2018-06-07 15:45 - 2018-06-07 15:45 - 000841708 _____ C:\Users\Maci\Desktop\Y739A.pdf
2018-06-06 12:28 - 2018-06-28 00:16 - 000094840 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-06-06 07:41 - 2018-06-06 07:42 - 000000000 ____D C:\Users\Maci\AppData\Roaming\slobs-client
2018-06-06 07:41 - 2018-06-06 07:41 - 000002012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Streamlabs OBS.lnk
2018-06-06 07:41 - 2018-06-06 07:41 - 000002000 _____ C:\Users\Public\Desktop\Streamlabs OBS.lnk
2018-06-06 07:41 - 2018-06-06 07:41 - 000000000 ____D C:\Users\Maci\AppData\Roaming\Streamlabs OBS
2018-06-06 07:41 - 2018-06-06 07:41 - 000000000 ____D C:\ProgramData\Streamlabs OBS
2018-06-06 07:40 - 2018-06-06 07:41 - 000000000 ____D C:\Program Files\Streamlabs OBS
2018-06-05 17:24 - 2018-06-05 17:27 - 223817800 _____ (General Workings, Inc.) C:\Users\Maci\Desktop\Streamlabs+OBS+Setup+0.9.1-0JhetdYrbEOofVl.exe
2018-06-03 00:38 - 2018-06-03 00:38 - 014027118 _____ C:\Users\Maci\Desktop\Followers.pdf
2018-06-02 13:48 - 2018-06-02 13:48 - 000580226 _____ C:\Users\Maci\Desktop\Outstanding Sculptural Mid Century Candle Holder PAPZ.pdf
2018-06-02 13:44 - 2018-06-02 13:44 - 000250592 _____ C:\Users\Maci\Desktop\Vtg Mid Century Bronze Brutalist Candlestick, Abstract PAPZ Numbered _ eBay.pdf
2018-06-02 03:27 - 2018-06-02 03:27 - 000428504 _____ C:\Windows\Minidump\060218-14539-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-28 02:17 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2018-06-28 02:17 - 2012-03-07 16:21 - 000000000 ____D C:\Program Files (x86)\VirtualDJ
2018-06-28 02:11 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Roaming\Microsoft Game Studios
2018-06-28 02:11 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Local\Microsoft Game Studios
2018-06-28 02:11 - 2017-10-07 19:21 - 000000000 ____D C:\ProgramData\Microsoft Games
2018-06-28 02:11 - 2016-12-12 22:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Games
2018-06-28 02:11 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-06-28 02:04 - 2018-01-20 03:23 - 000000000 ____D C:\Users\Maci\AppData\LocalLow\Mozilla
2018-06-28 01:27 - 2015-05-11 13:43 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-06-28 00:50 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2018-06-27 13:20 - 2009-07-14 06:45 - 000015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-27 13:20 - 2009-07-14 06:45 - 000015344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-27 13:17 - 2011-09-07 13:41 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-27 13:11 - 2017-02-22 11:40 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-27 13:11 - 2009-07-14 07:13 - 000786854 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-27 13:11 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-06-27 13:05 - 2018-05-24 15:36 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-06-27 13:05 - 2011-12-23 22:56 - 000018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2018-06-27 13:04 - 2018-05-24 15:36 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-27 13:04 - 2018-05-24 15:36 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-06-27 13:04 - 2017-09-21 08:57 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-06-27 13:04 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-26 16:51 - 2015-02-10 18:06 - 000061852 _____ C:\Windows\system32\BMXStateBkp-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-06-26 16:51 - 2015-02-10 18:06 - 000061852 _____ C:\Windows\system32\BMXState-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-06-26 16:51 - 2015-02-10 18:06 - 000000820 _____ C:\Windows\system32\DVCState-{00000004-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-06-26 16:50 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Roaming\vlc
2018-06-26 16:50 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Local\Newsbin
2018-06-24 17:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-06-24 16:30 - 2016-06-10 15:37 - 000000398 __RSH C:\ProgramData\ntuser.pol
2018-06-24 16:27 - 2018-05-11 20:02 - 000035581 _____ C:\Users\Maci\Desktop\sales list 21.xlsx
2018-06-22 23:02 - 2013-08-15 08:57 - 000000000 ____D C:\Windows\system32\MRT
2018-06-22 22:57 - 2017-10-13 21:25 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-22 22:57 - 2011-09-02 21:04 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-21 23:42 - 2012-10-27 21:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-21 23:42 - 2012-04-25 20:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-21 09:29 - 2018-05-11 20:02 - 000031131 _____ C:\Users\Maci\Desktop\2B31DF97.tmp
2018-06-19 10:50 - 2015-05-24 01:50 - 000000000 ____D C:\Program Files\Recuva
2018-06-17 18:29 - 2012-02-13 15:21 - 000000000 ____D C:\ProgramData\Roxio
2018-06-17 10:38 - 2018-05-11 20:02 - 000026703 _____ C:\Users\Maci\Desktop\16BD27D2.tmp
2018-06-15 15:54 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Roaming\Ableton
2018-06-15 02:17 - 2011-09-03 11:27 - 000000000 ____D C:\Users\Maci\AppData\Local\QuickPar
2018-06-07 09:08 - 2018-05-21 20:28 - 000000000 ____D C:\Users\Maci\Desktop\New folder
2018-06-06 12:28 - 2018-05-24 15:36 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-06-06 12:28 - 2018-05-24 15:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-02 17:55 - 2015-02-17 15:26 - 000000000 ____D C:\ProgramData\CanonIJPLM
2018-06-02 17:38 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Roaming\Skype
2018-06-02 03:27 - 2018-05-06 13:31 - 3225318066 _____ C:\Windows\MEMORY.DMP
2018-06-02 03:27 - 2012-11-01 20:06 - 000000000 ____D C:\Windows\Minidump
2018-06-01 17:21 - 2018-05-27 16:19 - 000000165 ____H C:\Users\Maci\Desktop\~$sales list 21.xlsx
2018-06-01 08:04 - 2018-01-20 03:24 - 000000000 ____D C:\Users\Maci\AppData\Local\CrashDumps
2018-05-29 14:01 - 2018-05-11 20:02 - 000013179 _____ C:\Users\Maci\Desktop\3978C59.tmp

==================== Files in the root of some directories =======

2012-03-07 13:05 - 2001-01-11 04:37 - 000057856 _____ (DAMN) C:\Program Files\DAMN_NFO_Viewer.exe
2018-01-20 05:36 - 2018-01-21 06:47 - 000000600 _____ () C:\Users\Maci\AppData\Roaming\winscp.rnd
2018-01-20 03:24 - 2016-10-20 08:28 - 000003584 _____ () C:\Users\Maci\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-01-20 03:24 - 2011-12-05 10:26 - 000004096 ____H () C:\Users\Maci\AppData\Local\keyfile3.drm
2018-01-20 03:24 - 2017-11-19 03:21 - 000007605 _____ () C:\Users\Maci\AppData\Local\resmon.resmoncfg
2018-01-20 03:24 - 2017-01-19 01:48 - 000845308 _____ () C:\Users\Maci\AppData\Local\rx_audio.Cache
2018-01-20 03:24 - 2014-05-09 19:38 - 000000000 _____ () C:\Users\Maci\AppData\Local\rx_image32.Cache
2018-01-20 03:24 - 2008-02-05 13:28 - 000000051 _____ () C:\Users\Maci\AppData\Local\setup.txt
2018-01-20 03:24 - 2011-09-02 20:55 - 000017408 _____ () C:\Users\Maci\AppData\Local\WebpageIcons.db

Some files in TEMP:
====================
2018-01-20 03:34 - 2016-12-24 02:11 - 004076488 _____ () C:\Users\Joker\AppData\Local\Temp\Ableton Swapper.exe
2018-01-20 03:34 - 2017-02-01 11:36 - 000066048 _____ () C:\Users\Joker\AppData\Local\Temp\Execute2App.exe
2018-01-20 03:34 - 2015-08-08 20:11 - 000134656 _____ (Irfan Skiljan, IrfanView) C:\Users\Joker\AppData\Local\Temp\iv_uninstall.exe
2018-01-20 03:34 - 2016-11-14 18:01 - 000737856 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u111-windows-au.exe
2018-01-20 03:34 - 2017-01-21 04:00 - 000739904 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u121-windows-au.exe
2018-01-20 03:34 - 2017-05-27 18:48 - 000739904 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u131-windows-au.exe
2018-01-20 03:34 - 2017-08-07 12:06 - 000740416 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u144-windows-au.exe
2018-01-20 03:34 - 2017-10-25 18:08 - 001856576 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-20 03:34 - 2016-03-28 18:42 - 000736320 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u77-windows-au.exe
2018-01-20 03:34 - 2016-04-22 15:35 - 000739904 _____ (Oracle Corporation) C:\Users\Joker\AppData\Local\Temp\jre-8u91-windows-au.exe
2018-01-20 03:34 - 2014-06-18 10:46 - 000028736 _____ () C:\Users\Joker\AppData\Local\Temp\ModelCheckUtility.exe
2018-01-20 03:34 - 2014-05-07 18:43 - 000568832 _____ (Microsoft Corporation) C:\Users\Joker\AppData\Local\Temp\msvcp90.dll
2018-01-20 03:34 - 2013-03-20 15:16 - 000068608 _____ (Netgear Inc.) C:\Users\Joker\AppData\Local\Temp\NASUPnP.dll
2018-01-20 03:34 - 2016-02-23 22:39 - 000720928 _____ (NVIDIA Corporation) C:\Users\Joker\AppData\Local\Temp\nvSCPAPI.dll
2017-11-11 00:50 - 2015-11-02 15:17 - 000835776 _____ (NVIDIA Corporation) C:\Users\Joker\AppData\Local\Temp\nvSCPAPI64.dll
2017-11-10 22:43 - 2015-03-13 17:38 - 000840336 _____ (NVIDIA Corporation) C:\Users\Joker\AppData\Local\Temp\nvStInst.exe
2018-01-20 03:34 - 2017-10-12 02:12 - 044809728 _____ (Logitech, Inc.) C:\Users\Joker\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
2018-01-20 03:34 - 2009-10-06 14:49 - 009357573 _____ (Macrovision Corporation) C:\Users\Joker\AppData\Local\Temp\Samsung_MonSetup_091006.exe
2018-01-20 03:34 - 2017-09-21 15:30 - 042669056 _____ () C:\Users\Joker\AppData\Local\Temp\SkypeSetup.exe
2018-01-20 03:34 - 2016-02-22 22:28 - 007194312 _____ (Microsoft Corporation) C:\Users\Joker\AppData\Local\Temp\vcredist_x64.exe
2018-01-20 03:34 - 2016-02-22 22:28 - 006503984 _____ (Microsoft Corporation) C:\Users\Joker\AppData\Local\Temp\vcredist_x86.exe
2018-01-20 03:34 - 2015-08-16 08:48 - 028849904 _____ () C:\Users\Joker\AppData\Local\Temp\vlc-2.2.1-win32.exe
2018-01-20 03:34 - 2015-08-03 01:58 - 000118784 _____ () C:\Users\Joker\AppData\Local\Temp\xmlUpdater.exe
2018-01-20 03:34 - 2015-09-09 15:49 - 000000000 _____ () C:\Users\Joker\AppData\Local\Temp\zyed4jql.dll
2018-01-20 03:34 - 2007-01-20 14:46 - 000455600 ____R (Macrovision Corporation) C:\Users\Joker\AppData\Local\Temp\_is7771.exe
2016-06-10 22:02 - 2018-06-14 13:16 - 004094088 _____ () C:\Users\Maci\AppData\Local\Temp\Ableton Swapper.exe
2016-11-02 21:07 - 2017-02-01 11:36 - 000066048 _____ () C:\Users\Maci\AppData\Local\Temp\Execute2App.exe
2018-06-28 02:05 - 2001-09-28 18:00 - 000164864 _____ () C:\Users\Maci\AppData\Local\Temp\GLB1A2B.EXE
2017-10-31 23:01 - 2015-08-08 20:11 - 000134656 _____ (Irfan Skiljan, IrfanView) C:\Users\Maci\AppData\Local\Temp\iv_uninstall.exe
2016-11-14 18:01 - 2016-11-14 18:01 - 000737856 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-21 04:00 - 2017-01-21 04:00 - 000739904 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-05-27 18:48 - 2017-05-27 18:48 - 000739904 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-08-07 12:06 - 2017-08-07 12:06 - 000740416 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u144-windows-au.exe
2017-10-25 18:08 - 2017-10-25 18:08 - 001856576 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-04-21 12:51 - 2018-04-21 12:51 - 001884616 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u171-windows-au.exe
2016-03-28 18:42 - 2016-03-28 18:42 - 000736320 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-04-22 15:35 - 2016-04-22 15:35 - 000739904 _____ (Oracle Corporation) C:\Users\Maci\AppData\Local\Temp\jre-8u91-windows-au.exe
2014-06-18 10:46 - 2014-06-18 10:46 - 000028736 _____ () C:\Users\Maci\AppData\Local\Temp\ModelCheckUtility.exe
2016-11-02 21:07 - 2014-05-07 18:43 - 000568832 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\msvcp90.dll
2013-03-20 15:16 - 2013-03-20 15:16 - 000068608 _____ (Netgear Inc.) C:\Users\Maci\AppData\Local\Temp\NASUPnP.dll
2015-04-02 12:53 - 2016-02-23 22:39 - 000720928 _____ (NVIDIA Corporation) C:\Users\Maci\AppData\Local\Temp\nvSCPAPI.dll
2015-11-08 23:46 - 2015-11-02 15:17 - 000835776 _____ (NVIDIA Corporation) C:\Users\Maci\AppData\Local\Temp\nvSCPAPI64.dll
2015-08-04 13:11 - 2015-03-13 17:38 - 000840336 _____ (NVIDIA Corporation) C:\Users\Maci\AppData\Local\Temp\nvStInst.exe
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092032720.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092033095.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092033455.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092033486.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092033860.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092034203.dll
2018-04-21 11:20 - 2018-04-21 11:20 - 001876480 _____ (Opera Software) C:\Users\Maci\AppData\Local\Temp\Opera_installer_180421092036546.dll
2017-10-12 02:12 - 2017-10-12 02:12 - 044809728 _____ (Logitech, Inc.) C:\Users\Maci\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe
2009-10-06 14:49 - 2009-10-06 14:49 - 009357573 _____ (Macrovision Corporation) C:\Users\Maci\AppData\Local\Temp\Samsung_MonSetup_091006.exe
2018-05-12 15:20 - 2018-05-12 15:21 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Maci\AppData\Local\Temp\SkypeSetup.exe
2018-06-28 02:11 - 2017-10-07 19:21 - 000815480 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\sldlext.dll
2018-06-28 02:11 - 2017-10-07 19:21 - 003072376 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\SLDL_DLL.dll
2018-06-28 02:11 - 2017-10-07 19:21 - 001705336 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\StartUp.exe
2018-06-28 02:11 - 2017-10-07 19:21 - 000185720 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\TnPCacheEngine.exe
2018-06-28 02:11 - 2017-10-07 19:21 - 000775544 _____ () C:\Users\Maci\AppData\Local\Temp\TnPUI.dll
2016-02-22 22:28 - 2016-02-22 22:28 - 007194312 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\vcredist_x64.exe
2016-02-22 22:28 - 2016-02-22 22:28 - 006503984 _____ (Microsoft Corporation) C:\Users\Maci\AppData\Local\Temp\vcredist_x86.exe
2015-08-16 08:43 - 2015-08-16 08:48 - 028849904 _____ () C:\Users\Maci\AppData\Local\Temp\vlc-2.2.1-win32.exe
2015-08-03 01:58 - 2015-08-03 01:58 - 000118784 _____ () C:\Users\Maci\AppData\Local\Temp\xmlUpdater.exe
2015-09-09 15:49 - 2015-09-09 15:49 - 000000000 _____ () C:\Users\Maci\AppData\Local\Temp\zyed4jql.dll
2007-01-20 14:46 - 2007-01-20 14:46 - 000455600 ____R (Macrovision Corporation) C:\Users\Maci\AppData\Local\Temp\_is7771.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-27 21:09

==================== End of FRST.txt ============================
         
--- --- ---
__________________

Alt 30.06.2018, 15:27   #4
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Icon24

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



und die naechste Datei:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Maci (28-06-2018 02:20:00)
Running from C:\Users\Maci\Desktop\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2011-09-02 08:33:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2184708151-3983908632-3959256547-500 - Administrator - Disabled)
Guest (S-1-5-21-2184708151-3983908632-3959256547-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2184708151-3983908632-3959256547-1009 - Limited - Enabled)
Joker (S-1-5-21-2184708151-3983908632-3959256547-1010 - Administrator - Enabled) => C:\Users\Joker
Maci (S-1-5-21-2184708151-3983908632-3959256547-1000 - Administrator - Enabled) => C:\Users\Maci
Work (S-1-5-21-2184708151-3983908632-3959256547-1007 - Administrator - Enabled) => C:\Users\Work.Cuki

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Ableton Live 9 Suite (HKLM\...\{7597F2DC-003A-476E-9281-774AB112B7BE}) (Version: 9.0.0.0 - Ableton)
Acer eDisplay Management (HKLM-x32\...\{A586DC50-B18D-48FB-B7CC-A598200457C2}) (Version: 1.37.007 - Portrait Displays, Inc.)
Acronis Sync Agent (HKLM-x32\...\{7EFA9A78-797E-4567-A49C-D9E5F26E9AB4}) (Version: 15.0.5583 - Acronis)
Acronis*True*Image*Home 2012 (HKLM-x32\...\{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}) (Version: 15.0.5545 - Acronis) Hidden
Acronis*True*Image*Home 2012 (HKLM-x32\...\{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}Visible) (Version: 15.0.5545 - Acronis)
adbLink version 3.5 (HKLM-x32\...\{05CF1DD3-4A94-4219-B176-BB1796680A6C}_is1) (Version: 3.5 - jocala.com)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2.0 (HKLM-x32\...\Adobe Photoshop Elements 2.0) (Version: 2.0 - Adobe Systems, Inc.)
Alamandi (HKLM-x32\...\Alamandi) (Version: 0.0.0.0 - INTENIUM GmbH)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
Art Effects for Magix (HKLM-x32\...\NewBlue Art Effects for Magix) (Version: 1.4 - NewBlue)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Balsamiq Mockups 3 (HKLM-x32\...\{0FEA76E2-E6C0-2B5C-8447-8A510E0488D2}) (Version: 3.5.7 - Balsamiq SRL) Hidden
Balsamiq Mockups 3 (HKLM-x32\...\BalsamiqMockups3.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 3.5.7 - Balsamiq SRL)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 2.0.0.8 - )
Bitnami Drupal Module (HKLM-x32\...\Bitnami Drupal Module 8.1.0-0) (Version: 8.1.0-0 - Bitnami)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MG5300 series User Registration (HKLM-x32\...\Canon MG5300 series User Registration) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan 5600F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4808) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{307ECD26-43D7-4AD4-82CF-794B63EDF096}) (Version: 1.0.141 - Citrix)
Command & Conquer 3 (HKLM-x32\...\{B0C30E93-D3D9-4F04-A2AC-54749B573275}) (Version: 1.00.0000 - Electronic Arts Inc.)
Creative 3DMIDI Player (HKLM-x32\...\3DMIDI) (Version: 1.11 - Creative Technology Limited)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: 2.61 - Creative Technology Limited)
Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Media Toolbox 6 (Shared Components) (HKLM-x32\...\Uninstaller_B4736000_Creative Media Toolbox 6) (Version: 2.80.12 - Creative Labs)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.02 - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Daum PotPlayer 1.5.44465 (HKLM-x32\...\PotPlayer) (Version:  - )
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH)
Die Wiege Roms 2 (HKLM-x32\...\Die Wiege Roms 2) (Version: 1.0.0.0 - INTENIUM GmbH)
DirectX 9 Runtime (HKLM-x32\...\{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}) (Version: 1.00.0000 - Sonic Solutions) Hidden
Discord (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\Discord) (Version: 0.0.300 - Discord Inc.)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Echo Desktop (HKLM-x32\...\Echo Desktop 3.0.2) (Version: 3.0.2 - Livescribe Inc)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Empress of the Deep 2 (HKLM-x32\...\Empress of the Deep 2) (Version: 1.0.0.0 - INTENIUM GmbH)
Eraser 6.2.0.2963 (HKLM\...\{3A8889E5-9EA0-4C32-ABF4-FA1B59C0B08B}) (Version: 6.2.2963 - The Eraser Project)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EuroTalk Talk Now Multi-Language (HKLM-x32\...\EuroTalk Talk Now Multi-Language) (Version: 1.6.6.1 - EuroTalk Ltd.)
EZ Vinyl/Tape Converter by Ion Audio 11.6.0 (HKLM-x32\...\EZ Vinyl/Tape Converter by Ion Audio_is1) (Version: 11.6.0 - Ion Audio LLC)
FastStone Photo Resizer 3.8 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.8 - FastStone Soft.)
FileZilla Client 3.28.0 (HKLM-x32\...\FileZilla Client) (Version: 3.28.0 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
foobar2000 v1.3.13 (HKLM-x32\...\foobar2000) (Version: 1.3.13 - Peter Pawlowski)
FormatFactory 2.60 (HKLM-x32\...\FormatFactory) (Version: 2.60 - Free Time)
Free Grids for Word 2007 (HKLM-x32\...\{CA8AC9B9-AEEA-4078-9B34-5E7A160E6861}) (Version: 1.00.0000 - Alfac)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2016.10 (HKLM-x32\...\{4DE11D48-DC9D-46FD-9CDA-314BFF6145AD}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NTU 2016.30 (HKLM-x32\...\{5E97BCC6-2F84-4966-9BC4-6CD97D6D3DC2}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Giganews Accelerator (HKLM-x32\...\{20187EBD-71B1-4913-AEFF-6E2E2A444434}) (Version: 1.0.111 - Giganews)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
HD Writer AE 3.0 (HKLM-x32\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
Hellgate: London (HKLM\...\{A2B4455D-1046-4732-BFBC-0821BEFC07BC}) (Version: 1.10.180.3416 - Flagship Studios)
HumanConcepts OrgPlus 4.0 (HKLM-x32\...\HumanConcepts OrgPlus 4.0) (Version:  - )
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{774C0434-9948-4DEE-A14E-69CDD316E36C}) (Version: 4.6.0003 - SweetIM Technologies Ltd.) <==== ATTENTION
IrfanView 4.50 (64-bit) (HKLM\...\IrfanView64) (Version: 4.50 - Irfan Skiljan)
iTeddy File Converter v. 0.2 (HKLM-x32\...\{BE3497CB-7278-4526-8918-9A3FD77AE790}}_is1) (Version:  - Bailworth Solutions)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{5AAE61FF-858E-453E-B8F3-944618149975}) (Version: 18.0.0.405 - Kaspersky Lab)
Lander (HKLM-x32\...\Lander) (Version:  - )
Logitech Gaming Software 8.20 (HKLM\...\Logitech Gaming Software) (Version: 8.20.74 - Logitech Inc.)
Magic Bullet Quick Looks (MAGIX) (HKLM-x32\...\{B2CF1869-8727-4F9C-BA7D-807CA9F7C528}) (Version: 1.0.0 - Red Giant)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
MAGIX Online Print Service (HKLM-x32\...\{A95EBFF3-216A-4EA6-B6EB-011F5EBA473A}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Photo Manager 10 Deluxe (HKLM-x32\...\{D41A5983-430C-460E-93E5-049953247E98}) (Version: 8.0.0.111 - MAGIX AG) Hidden
MAGIX Photo Manager 10 Deluxe (HKLM-x32\...\MAGIX_MSI_Digital_Foto_Maker_10) (Version: 8.0.0.111 - MAGIX AG)
MAGIX Screenshare (HKLM-x32\...\{BEEE0ED7-FBAD-4BBB-BF0B-884CA40510E2}) (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\MAGIX_{BEEE0ED7-FBAD-4BBB-BF0B-884CA40510E2}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{CAE6AB4A-5141-456A-8EC6-D4DF64E24A5C}) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{CAE6AB4A-5141-456A-8EC6-D4DF64E24A5C}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Plus Download-Version (HKLM-x32\...\{C960FB07-BBAA-4D26-BE81-D119A15A6E84}) (Version: 11.0.0.42 - MAGIX AG) Hidden
MAGIX Video deluxe MX Plus Download-Version (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_plus) (Version: 11.0.0.42 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Demo) (HKLM-x32\...\{0C66E1AE-155D-4F1D-B342-C38709DF3BFE}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Demo) (HKLM-x32\...\MAGIX_{0C66E1AE-155D-4F1D-B342-C38709DF3BFE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Designelemente) (HKLM-x32\...\{A8B8AB0A-3819-4DB7-9CB6-7F4C4A0C91AD}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Designelemente) (HKLM-x32\...\MAGIX_{A8B8AB0A-3819-4DB7-9CB6-7F4C4A0C91AD}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Filmvorlagen) (HKLM-x32\...\{6ABAFE68-F02E-4B18-9E07-B3108A00A76C}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Filmvorlagen) (HKLM-x32\...\MAGIX_{6ABAFE68-F02E-4B18-9E07-B3108A00A76C}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 1) (HKLM-x32\...\{DF4D51B9-9C93-4198-A264-C2DE30849D35}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 1) (HKLM-x32\...\MAGIX_{DF4D51B9-9C93-4198-A264-C2DE30849D35}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 2) (HKLM-x32\...\{BDF81CCC-815B-4ED3-899D-FCC0DD1EE313}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Fotoshow Maker-Stile 2) (HKLM-x32\...\MAGIX_{BDF81CCC-815B-4ED3-899D-FCC0DD1EE313}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (HKLM-x32\...\{B7B84970-F129-4529-9A6B-EB19F76CDBE3}) (Version: 11.0.5.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (HKLM-x32\...\MAGIX_{B7B84970-F129-4529-9A6B-EB19F76CDBE3}) (Version: 11.0.5.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Individuelle Menüvorlagen) (HKLM-x32\...\{9904831C-EA01-422C-A4AC-4AD4B6652F67}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Individuelle Menüvorlagen) (HKLM-x32\...\MAGIX_{9904831C-EA01-422C-A4AC-4AD4B6652F67}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 1) (HKLM-x32\...\{92A24899-49F5-4EBD-864F-6498D39A2EE2}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 1) (HKLM-x32\...\MAGIX_{92A24899-49F5-4EBD-864F-6498D39A2EE2}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 2) (HKLM-x32\...\{84CC007E-3907-4786-94A0-78BA0CDFD014}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Menüvorlagen 2) (HKLM-x32\...\MAGIX_{84CC007E-3907-4786-94A0-78BA0CDFD014}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Art Effects) (HKLM-x32\...\{400A8665-D505-4E8F-A5F3-F0AE1F47E477}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Art Effects) (HKLM-x32\...\MAGIX_{400A8665-D505-4E8F-A5F3-F0AE1F47E477}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Light Blends) (HKLM-x32\...\{FCE63E73-11F6-4C91-BD6C-83EF0E4AB2EC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (NewBlueFX Light Blends) (HKLM-x32\...\MAGIX_{FCE63E73-11F6-4C91-BD6C-83EF0E4AB2EC}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (proDAD Adorage Starter Paket) (HKLM-x32\...\{8DEB9117-680F-4485-9318-3CA76C4BEB09}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (proDAD Adorage Starter Paket) (HKLM-x32\...\MAGIX_{8DEB9117-680F-4485-9318-3CA76C4BEB09}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (proDAD VitaScene 2 MAGIX Edition) (HKLM-x32\...\{8EDFDCE3-5D60-46B1-B80D-A8E78C3722AC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (proDAD VitaScene 2 MAGIX Edition) (HKLM-x32\...\MAGIX_{8EDFDCE3-5D60-46B1-B80D-A8E78C3722AC}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\{7079DFD0-20D5-429D-910E-76E2F83E9DFE}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Magic Bullet Quick Looks) (HKLM-x32\...\MAGIX_{7079DFD0-20D5-429D-910E-76E2F83E9DFE}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Movie Makers Look Pack) (HKLM-x32\...\{EAE2F608-89AD-481A-98A3-32A0D9C0C2F6}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Red Giant Movie Makers Look Pack) (HKLM-x32\...\MAGIX_{EAE2F608-89AD-481A-98A3-32A0D9C0C2F6}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Soundtrack Maker-Stile) (HKLM-x32\...\{A000AFE6-CF54-4721-A453-5927B675CD36}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Soundtrack Maker-Stile) (HKLM-x32\...\MAGIX_{A000AFE6-CF54-4721-A453-5927B675CD36}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Titeleffekte) (HKLM-x32\...\{7F43056B-4140-4E3A-82EE-B301019FDE71}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Titeleffekte) (HKLM-x32\...\MAGIX_{7F43056B-4140-4E3A-82EE-B301019FDE71}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Tutorials) (HKLM-x32\...\{3B5BD380-FDD0-4F64-9865-753C12C3A198}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Tutorials) (HKLM-x32\...\MAGIX_{3B5BD380-FDD0-4F64-9865-753C12C3A198}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Überblendeffekte) (HKLM-x32\...\{97F43E74-EA3E-4CE6-B9D7-64159299BF68}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Überblendeffekte) (HKLM-x32\...\MAGIX_{97F43E74-EA3E-4CE6-B9D7-64159299BF68}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Video deluxe MX Premium Sonderedition (Video Plugins) (HKLM-x32\...\{D6B0B1FF-1F80-4219-BA82-4E387C58D4DC}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Video deluxe MX Premium Sonderedition (Video Plugins) (HKLM-x32\...\MAGIX_{D6B0B1FF-1F80-4219-BA82-4E387C58D4DC}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Web Designer 6 Content (HKLM-x32\...\{6609A4EB-CB71-422C-AA43-BBE75705D049}) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Web Designer 6 DLV Update (HKLM-x32\...\{95CB9817-142E-48AC-B546-226467C3856E}) (Version: 6.0.1.16336 - MAGIX AG) Hidden
MAGIX Web Designer 6 Download-Version (HKLM-x32\...\{0DEE907D-C36B-40F8-A205-DB86B6BFB5DA}) (Version: 6.0.1.12244 - MAGIX AG) Hidden
MAGIX Web Designer 6 Download-Version (HKLM-x32\...\MAGIX_MSI_Web_Designer_6) (Version: 6.0.1.12244 - MAGIX AG)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Mandelbulber v2 (HKLM-x32\...\35A39AB0-5E9F-4B70-98DA-4B8158C89C4B) (Version: 2.02 - )
Market Samurai (HKLM-x32\...\{92B537D0-FF1A-033E-D2F3-5765847CCF6F}) (Version: 0.94.19 - Alliance Software Pty Ltd) Hidden
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.94.19 - Alliance Software Pty Ltd)
MAUS MasterPlan Evaluation (HKLM-x32\...\{D665FCC1-A460-4538-B346-9646789ED23D}) (Version: 11.4.0.0 - MAUS Business Systems)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project Standard 2007 (HKLM-x32\...\PRJSTDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
MindMaster (HKLM-x32\...\{D5A2C78C-5D8F-40D2-A130-7696D4F22953}) (Version: 2.2.9 - MindMaster)
Mozilla Firefox 60.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.2 (x64 en-US)) (Version: 60.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\MyFreeCodec) (Version:  - )
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.15.07 - NETGEAR Inc.)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version: 1.4 - NewBlue)
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version: 1.4 - NewBlue)
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Film Effects for Windows (HKLM-x32\...\NewBlue Film Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials II for Windows (HKLM-x32\...\NewBlue Video Essentials II for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 1.4 - NewBlue)
NewBlueFX Light Blends (HKLM-x32\...\NewBlueFX Light Blends) (Version: 1.4 - NewBlue)
Newsbin Pro (HKLM\...\Newsbin6) (Version: 6.72 - DJI Interprises, LLC)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NR Deluxe for Windows Mobile (HKLM-x32\...\NR Deluxe for Windows Mobile) (Version:  - NoviiMedia)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{594F6A23-9FF2-4D03-8761-97483E55CE79}) (Version: 1.5.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
office dictionary pro (HKLM-x32\...\office dictionary pro) (Version:  - )
ON1 Effects 10 (HKLM\...\ON1 Effects 10 PE) (Version: 10.5.2 - ON1)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 52.0.2871.64 (HKLM-x32\...\Opera 52.0.2871.64) (Version: 52.0.2871.64 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.9.13.21925 - Grinding Gear Games)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.212.0 - Tracker Software Products Ltd)
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.198.198.0 - Tracker Software Products Ltd)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - PopCap Games)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Pioneer DDJ-SZ Driver (HKLM-x32\...\DDJ-SZ) (Version: 1.000.000.000 - Pioneer Corporation.)
Pivot Pro Plugin (HKLM-x32\...\{0217E1D1-BCEF-4A61-AF6D-F7740F65A066}) (Version: 9.50.110 - Portrait Displays, Inc.) Hidden
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.92 - proDAD GmbH)
proDAD Vitascene 2.0 (HKLM-x32\...\proDAD-Vitascene-2.0) (Version: 2.0.113 - proDAD GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Quake 4(TM) (HKLM-x32\...\{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.0 - Activision) Hidden
Quake 4(TM) (HKLM-x32\...\InstallShield_{152B782A-05F3-48EC-9AAC-4D3EB68D9E20}) (Version: 1.0 - Activision)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
RAPID Mode (HKLM\...\{34EF1328-6F71-4077-99AA-E44690F42043}) (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 3.0 - Genie9)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Reddcoin Core (64-bit) (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\Reddcoin Core (64-bit)) (Version: 2.0.1 - Reddcoin Project)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rise Of Legends (HKLM-x32\...\{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Rise Of Legends (HKLM-x32\...\InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Microsoft Game Studios)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version:  - Roadkil.Net)
Roxio Creator 2010 (HKLM-x32\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.0 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden
Roxio PhotoShow (HKLM-x32\...\Roxio PhotoShow) (Version: 6.0 - Roxio)
SampleTank 2 LE (HKLM-x32\...\SampleTank 2 LE) (Version:  - )
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Schatz der Azteken (HKLM-x32\...\Schatz der Azteken) (Version:  - )
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.32.010 - Portrait Displays, Inc.) Hidden
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Serato DJ  (HKLM-x32\...\{cff70cd3-29c4-4043-b20c-e085773b05e0}) (Version: 1.6.3.7539 - )
Serato DJ  (HKLM-x32\...\{E1DEF4F2-6C31-428E-9B3E-BA5F367FD220}) (Version: 1.6.3.7539 - Serato) Hidden
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM-x32\...\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.8.0 - SmartSound Software Inc)
Sound Forge Pro 11.0 (HKLM-x32\...\{437C8730-3505-11E3-9509-F04DA23A5C58}) (Version: 11.0.272 - Sony)
SoundFont Bank Manager (HKLM-x32\...\SFBM) (Version: 3.21 - Creative Technology Limited)
Star Wars Republic Commando (HKLM-x32\...\{DFAE9340-E8BB-4433-9A08-C8334DAFE1B9}) (Version: 1.0 - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Streamlabs OBS 0.9.1 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.1 - General Workings, Inc.)
System Explorer 3.8.5 (HKLM-x32\...\System Explorer_is1) (Version:  - Mister Group)
SysTools BKF Recovery 5.8 version 5.8 (HKLM-x32\...\{0B221C7C-7ECE-4D2E-B425-9AAAEEA5BAC3}_is1) (Version: 5.8 - Coredatatree Technology Pvt. Ltd.)
Terrafarmers (HKLM-x32\...\Terrafarmers) (Version: 1.0.0.0 - INTENIUM GmbH)
The Gladiators (HKLM-x32\...\The Gladiators_is1) (Version:  - )
The Longest Journey (HKLM-x32\...\The Longest Journey) (Version:  - )
TSR Watermark Image software version 2.3.2.2 - Free version (HKLM-x32\...\TSR Watermark Image - Free version_is1) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update Manager for SweetPacks 1.0 (HKLM-x32\...\{FB697452-8CA4-46B4-98B1-165C922A2EF3}) (Version: 1.0.0005 - SweetIM Technologies Ltd.) <==== ATTENTION
VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
VirtualDJ 8 (HKLM-x32\...\{B7D6C720-CB38-41AA-9804-0AA2090BE1B5}) (Version: 8.2.3573.0 - Atomix Productions)
Visitenkarten, Briefbögen & Faxvorlagen (HKLM-x32\...\{3DEDEEC9-B478-4D79-BE35-6890C6094CFE}) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.5.1 (HKLM\...\VulkanRT1.0.5.1) (Version: 1.0.5.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
VyprVPN (HKLM\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 2.8.1.6658 - Golden Frog, GmbH.)
Waves Client 1.0.0-beta.21 (only current user) (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\f077d7c1-dd13-50a1-8533-9deb9aba8648) (Version: 1.0.0-beta.21 - Waves Platform)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
WinDirStat 1.1.2 (HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\WinDirStat) (Version:  - )
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Driver Package - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WineBee 2.2 (HKLM-x32\...\WineBee 2.2) (Version:  - )
WinSCP 5.11.3 (HKLM-x32\...\winscp3_is1) (Version: 5.11.3 - Martin Prikryl)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000_Classes\CLSID\{57B13C80-C59C-4981-8870-4A209C1B7589}\InprocServer32 -> C:\Program Files\Roxio 2010\Virtual Drive 10\DC_ShellExt64.dll (Sonic Solutions)
CustomCLSID: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Maci\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2013-08-29] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-03-28] ()
ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-19] (The Eraser Project)
ContextMenuHandlers1: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
ContextMenuHandlers1: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab)
ContextMenuHandlers1: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2011-08-21] (Acronis)
ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-19] (The Eraser Project)
ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
ContextMenuHandlers2: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-19] (The Eraser Project)
ContextMenuHandlers4: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
ContextMenuHandlers4: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-19] (The Eraser Project)
ContextMenuHandlers5: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2013-08-29] (Genie9)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-10] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers5: [PortraitDisplaysContextMenu] -> {8602BDD8-9780-4717-B89A-7F89AF75B2AB} => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\shellmenu64.dll [2010-05-13] (Portrait Displays, Inc.)
ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2015-01-19] (The Eraser Project)
ContextMenuHandlers6: [Kaspersky Anti-Virus 18.0.0] -> {FF48AD48-74C7-4260-B385-FAEB80947450} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\x64\ShellEx.dll [2018-05-05] (AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2015-04-08] (Piriform Ltd)
ContextMenuHandlers6: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\x64\versions_page.dll [2011-08-21] (Acronis)
ContextMenuHandlers1_S-1-5-21-2184708151-3983908632-3959256547-1000: [RXDCExtSvr] -> {57B13C80-C59C-4981-8870-4A209C1B7589} => C:\Program Files\Roxio 2010\Virtual Drive 10\DC_ShellExt64.dll [2009-07-07] (Sonic Solutions)
ContextMenuHandlers2_S-1-5-21-2184708151-3983908632-3959256547-1000: [RXDCExtSvr] -> {57B13C80-C59C-4981-8870-4A209C1B7589} => C:\Program Files\Roxio 2010\Virtual Drive 10\DC_ShellExt64.dll [2009-07-07] (Sonic Solutions)
ContextMenuHandlers6_S-1-5-21-2184708151-3983908632-3959256547-1000: [RXDCExtSvr] -> {57B13C80-C59C-4981-8870-4A209C1B7589} => C:\Program Files\Roxio 2010\Virtual Drive 10\DC_ShellExt64.dll [2009-07-07] (Sonic Solutions)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FF2BCC-505B-49C8-966E-C865F5E43B61} - System32\Tasks\{E523DE38-486E-4E15-82A9-5F84EE93096E} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/90530
Task: {1230C07B-EAEF-42DE-9CD7-86511E8DA5EE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-27] (NVIDIA Corporation)
Task: {1B53E9D4-E936-411B-827B-952B133CA4BA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-27] (NVIDIA Corporation)
Task: {38FD6874-347B-482E-951F-CD16980BB242} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-27] (NVIDIA Corporation)
Task: {3AB065D2-A508-4A41-9F20-305DEE61E676} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3C211330-3867-47D1-AE6B-70E6061E8325} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {3D5843C4-BBF3-4FD1-AB8E-AFF68FBA1294} - System32\Tasks\{5779DDC4-9E0B-49ED-85A5-4E2D81ECBFA1} => C:\Windows\system32\pcalua.exe -a C:\Users\Maci\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {3F931B78-940E-40EA-AA26-9EA90D290492} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {445C3EEE-E736-4817-A2F1-36DDC3057897} - System32\Tasks\{3E2BEA76-BC1E-4796-9F8A-088253BBCF8C} => C:\MindMaster\MindMasterV2.exe
Task: {769FAEB1-972C-4D1A-A4B5-007F3EFF37C3} - \{F221865C-67A9-4972-B2E8-052208ACF3EA} -> No File <==== ATTENTION
Task: {782AB365-1127-42E1-BA32-B0B216E7D773} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-27] (NVIDIA Corporation)
Task: {8C4654B5-43DD-4ABC-91B7-D1E4C7EC3756} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {9DAE5D6F-F920-4342-9030-F0C7E77CBCBA} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {9FA34C46-3E74-4B2C-B131-78765C32C281} - System32\Tasks\Opera scheduled Autoupdate 1396455789 => C:\Program Files (x86)\Opera\launcher.exe [2018-04-10] (Opera Software)
Task: {BDAE7DB4-E044-4A63-9065-57B2DA11E8BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {C48ED685-2FA7-4CBF-A8A6-B7CB6155A5DB} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {CA7C0E73-A35E-4A17-A64C-2ED9D772AE43} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {CD49CDF2-87FF-4A31-99B8-840C03BB752C} - System32\Tasks\{1031ECC5-474F-409A-897C-87C88E4A91D3} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"C:\Program Files (x86)\HumanConcepts\OrgPlus\Uninst.isu" -c"C:\Program Files (x86)\HumanConcepts\OrgPlus\dllopw.dll"
Task: {D179AD3F-5CDB-46AA-87AF-D7C645A60AA5} - System32\Tasks\{2DB539D1-CD9D-4829-8B87-B67587DC63AE} => C:\Windows\system32\pcalua.exe -a D:\dow\W40k.exe -d D:\dow\
Task: {D2915AA7-67E9-4DE4-ACAD-CD9EA6A45FDF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-22] (Google Inc.)
Task: {D6E00A9F-E45E-4FAA-AD12-716B1ED408EE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-27] (NVIDIA Corporation)
Task: {E5EC7A5F-C9A6-4FB8-B568-B49C5F4FAF21} - System32\Tasks\{A0A039F1-7C9C-404B-9786-4D94CBDC9F23} => C:\Windows\system32\pcalua.exe -a H:\AutoPlay.exe -d H:\
Task: {E60B6C3E-D208-4778-91EF-9328F70FC33E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-27] (NVIDIA Corporation)
Task: {E8632B31-21DE-4DE8-A95F-6B106B4FA8F0} - System32\Tasks\GarminUpdaterTask => D:\garmin 2595\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {E9D5223C-9667-4366-B4BA-43D475C7FCC4} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {ECD6D8E9-BD48-49D6-96A0-5956C9625209} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2018-03-03] (AO Kaspersky Lab)
Task: {FB86E72F-F387-4670-B856-3F86CF7ACAC2} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {FC5A3144-9A68-42C3-AF7C-8060311C2DA1} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1396455789.job => C:\Program Files (x86)\Opera\launcher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Maci\AppData\Roaming\Microsoft\Windows\Start Menu\ÁNYK.lnk -> C:\Users\Public\abevjava\abevjava_start.bat ()
Shortcut: C:\Users\Maci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Maci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

==================== Loaded Modules (Whitelisted) ==============

2013-08-29 09:08 - 2013-08-29 09:08 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
2013-08-01 11:36 - 2013-08-01 11:36 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
2012-02-02 11:16 - 2012-02-02 11:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
2013-02-03 13:40 - 2013-02-03 13:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
2013-08-01 11:36 - 2013-08-01 11:36 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.dll
2013-02-03 11:21 - 2013-02-03 11:21 - 000045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
2013-02-03 11:21 - 2013-02-03 11:21 - 000097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
2013-08-29 09:08 - 2013-08-29 09:08 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.dll
2013-02-03 13:40 - 2013-02-03 13:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.dll
2013-08-01 11:36 - 2013-08-01 11:36 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
2015-02-17 15:26 - 2008-01-22 18:35 - 000103808 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-11-11 00:51 - 2017-10-27 19:46 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2011-11-25 00:15 - 2014-05-16 17:09 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2018-05-24 15:36 - 2018-06-06 12:28 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-24 15:36 - 2018-06-06 12:28 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-05-16 18:28 - 2013-08-29 09:08 - 000163328 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2016-05-16 18:28 - 2013-08-01 11:36 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000209920 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2016-05-16 18:28 - 2013-08-01 11:36 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2017-09-29 12:32 - 2017-09-29 12:32 - 000076456 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-05-16 18:28 - 2013-08-29 09:08 - 000490496 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
2016-05-16 18:28 - 2012-02-02 11:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
2016-05-16 18:28 - 2013-02-03 13:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000710144 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000370688 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.gtl
2016-05-16 18:28 - 2013-08-29 09:08 - 000087040 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.gtl
2016-05-16 18:28 - 2013-02-03 13:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.gtl
2016-05-16 18:28 - 2013-08-01 11:36 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.gtl
2016-03-28 20:07 - 2016-03-28 20:07 - 000230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-06-18 10:46 - 2014-06-18 10:46 - 001358912 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineAgent.exe
2013-08-29 09:08 - 2013-08-29 09:08 - 000063488 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
2013-08-01 11:36 - 2013-08-01 11:36 - 000093696 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
2018-03-03 17:37 - 2018-03-03 17:37 - 000836968 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 18.0.0\kpcengine.2.3.dll
2015-01-13 22:40 - 2015-01-13 22:40 - 000275968 _____ () C:\Program Files (x86)\Common Files\Livescribe\PenComm\PenCommSdk.dll
2017-11-11 00:51 - 2017-10-27 19:46 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-12-01 17:38 - 2014-09-28 18:59 - 000019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2011-09-02 17:13 - 2011-05-20 10:05 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2018-04-21 11:20 - 2018-04-10 10:08 - 084110424 _____ () C:\Program Files (x86)\Opera\52.0.2871.64\opera_browser.dll
2018-04-21 11:20 - 2018-04-10 10:07 - 003741272 _____ () C:\Program Files (x86)\Opera\52.0.2871.64\libglesv2.dll
2018-04-21 11:20 - 2018-04-10 10:07 - 000086616 _____ () C:\Program Files (x86)\Opera\52.0.2871.64\libegl.dll
2015-11-11 04:41 - 2015-11-11 04:41 - 000756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2009-02-26 14:46 - 2009-02-26 14:46 - 000064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 000434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:64170090 [147]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\...\mcteddy.com -> www.mcteddy.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2184708151-3983908632-3959256547-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Maci\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: DDJ-SZ_AutoSetup => 2
MSCONFIG\Services: FolderSize => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: VyprVPN => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\Windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk => C:\Windows\pss\HD Writer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^office dictionary pro.lnk => C:\Windows\pss\office dictionary pro.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Maci^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Maci^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Reddcoin.lnk => C:\Windows\pss\Reddcoin.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Maci^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.Startup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackgroundContainer => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Maci\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: CPMonitor => "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe"
MSCONFIG\startupreg: Creative Software Update => "C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe" /Silent
MSCONFIG\startupreg: CreativeTaskScheduler => "C:\Program Files (x86)\Creative\Shared Files\CTSched.exe" /logon
MSCONFIG\startupreg: CTxfiHlp => CTXFIHLP.EXE
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: Discord => C:\Users\Maci\AppData\Local\Discord\app-0.0.300\Discord.exe
MSCONFIG\startupreg: DT ACR => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -ACR
MSCONFIG\startupreg: Eraser => "C:\Program Files\Eraser\Eraser.exe" /atRestart
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "D:\garmin 2595\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Launch LCore => C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NETGEARGenie => "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PivotSoftware => "C:\Program Files (x86)\Portrait Displays\Pivot Pro Plugin\Pivot_startup.exe" -delay=10
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
MSCONFIG\startupreg: SearchProtect => C:\Users\Maci\AppData\Roaming\SearchProtect\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\cltmng.exe
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SystemExplorerAutoStart => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
MSCONFIG\startupreg: TrayServer => C:\PROGRA~2\MAGIX\VIDEO_~2\TrayServer_de.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{63D86429-5B81-4B1E-BF41-9696A68CD139}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D841B671-27C7-469C-8978-04E4F94C32DD}] => (Allow) LPort=2869
FirewallRules: [{314E6474-E5B7-4F40-AF30-22EBD35854DE}] => (Allow) LPort=1900
FirewallRules: [{568340A4-A8FE-436D-A9A3-911ACDFCF1F6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{155D9314-227C-4CCE-83B8-3F072C989308}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C79D4386-808C-44BC-8429-B5C116A50AE0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9BBB4417-0A7D-4AED-9234-63C2FC26A558}] => (Allow) C:\Program Files\Newsbin\newsbinpro64.exe
FirewallRules: [{75FAA2BE-AFD7-4ECC-A148-09AEECCF4073}] => (Allow) C:\Program Files\Newsbin\NewsbinPro64.exe
FirewallRules: [{2E001835-73D4-4E95-801B-7C81BFC69E3F}] => (Allow) C:\Program Files\Newsbin\NewsbinPro64.exe
FirewallRules: [{906D2E8F-0657-46E9-B479-CC9271B76C40}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{39B95BC0-8437-4286-8636-EFAB9B44E46C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{F24963B8-B5AE-4670-B13A-E89419A7DF16}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{246C38AF-37C1-46F1-AFE5-C5151BA59D3B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{10CF15EA-FCB8-4550-842D-26869B769F82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rise of immortals\RoIClientR.exe
FirewallRules: [{2D53DC60-1F5A-44B1-9FA9-6A8E87F28985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rise of immortals\RoIClientR.exe
FirewallRules: [{057C0A32-65DA-4B06-8C23-62533CAFD5D7}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\daumvsvr.exe
FirewallRules: [{B1D52354-4F71-4127-8165-0DE060F63939}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\daumvsvr.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{B99E5138-424B-4E9E-B30B-7B449E6AD810}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [PotPlayer(PotPlayerMini64.exe)] => (Allow) C:\Program Files\DAUM\PotPlayerx64\PotPlayerMini64.exe
FirewallRules: [{64C77636-1912-435A-A3A5-0EA97087006A}] => (Allow) C:\Program Files\DAUM\PotPlayerx64\PotPlayerMini64.exe
FirewallRules: [{D17900AF-3215-4262-9C86-7856DB512FAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{2A85C1E6-998E-46ED-90ED-ED297E5467E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{E20FB660-8168-4A25-ADF9-03FF523418D6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{F0E694A0-D816-4451-AF17-E2D028589E0D}C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe] => (Block) C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{12951DA0-BE7C-45BA-AFD4-2BC95A449387}C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe] => (Block) C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe
FirewallRules: [{412F3DCC-8468-46B0-A8E6-72850BEE19D3}] => (Allow) C:\Program Files (x86)\Roxio 2010\Venue\Venue.exe
FirewallRules: [{B94286DD-1BFE-4D65-A078-70A05CF66592}] => (Allow) C:\Program Files (x86)\Roxio 2010\Venue\Venue.exe
FirewallRules: [{74CF33EA-D137-4AA6-AD6E-C34466A910AE}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [{4B39A8D8-F6B1-4D27-97FB-C3C1B2735B60}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
FirewallRules: [TCP Query User{C85B939A-53EB-4732-A5BD-1C7F5698E647}C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe] => (Block) C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{42E33AED-8831-4641-8435-BB635B8073FE}C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe] => (Block) C:\program files (x86)\java\jre6\launch4j-tmp\mimo.exe
FirewallRules: [TCP Query User{6ABCB7CA-498F-40FB-B632-215CD4A9E074}C:\program files\daum\potplayerx64\potplayer64.exe] => (Block) C:\program files\daum\potplayerx64\potplayer64.exe
FirewallRules: [UDP Query User{DA68DA1E-F0EB-4EDC-B085-D0007C397B95}C:\program files\daum\potplayerx64\potplayer64.exe] => (Block) C:\program files\daum\potplayerx64\potplayer64.exe
FirewallRules: [TCP Query User{DA7A2617-5542-444B-B873-7C28A867320C}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [UDP Query User{14EE4914-5E07-451E-A822-8296A6C250CB}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [TCP Query User{B3BCB0BC-3E50-468F-A224-F21E24904F07}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{FAA9689A-DF63-4B9A-89B3-8485272667F6}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{5FDCAC17-A42C-460F-82B3-D93C23C3834B}C:\users\maci\appdata\local\temp\electronicarts_patcher_000.exe] => (Allow) C:\users\maci\appdata\local\temp\electronicarts_patcher_000.exe
FirewallRules: [UDP Query User{CEB4D826-BAB7-4926-9AF9-53545E13FFB3}C:\users\maci\appdata\local\temp\electronicarts_patcher_000.exe] => (Allow) C:\users\maci\appdata\local\temp\electronicarts_patcher_000.exe
FirewallRules: [TCP Query User{D37C48A6-EDCC-4404-B6B3-85887F421574}C:\program files (x86)\steam\steamapps\arestor\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\arestor\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{815B10D9-57A3-4426-A7F4-2B363EE73044}C:\program files (x86)\steam\steamapps\arestor\team fortress 2\hl2.exe] => (Allow) C:\program files (x86)\steam\steamapps\arestor\team fortress 2\hl2.exe
FirewallRules: [TCP Query User{006E377B-8E6C-48AD-AC95-98CAE071139F}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [UDP Query User{714E09DE-9E0B-476B-A2DE-F7FE23B7123A}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{3FC3FCB4-6A61-4483-ABE8-56EABBF8D28A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{3941B41F-5C79-48DD-8D15-87104325E07B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{A25E3228-19D4-4890-8797-193F815AE3F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{95175B9A-F315-4E2F-9984-920E1231F74E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{C6B9ABBC-4B2B-45D6-BA2F-A403BAB304A1}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{256A8110-69D1-4923-B636-DB5ACE39EC31}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{470378BE-80EB-4D72-8E23-E9B26DE2775A}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [UDP Query User{C6D9E01A-EB68-48DC-9E64-10C84556BA4C}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [{F0FE5F93-849B-4839-A054-DC224B4D3154}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{228F9970-9F9C-404B-8320-DFF0B94CBF93}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{5508473D-C52E-4CA9-AD57-B1EE88B03797}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{4229526B-1F25-4F40-B765-47AB338B1241}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [TCP Query User{E9EBAE26-5C65-4B0B-BF62-364C92E74B9E}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{F2E17701-5D10-49B8-B14D-26B168B67402}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{01DBBF9C-E1C4-4D3A-9F7F-DFFBA1843AD4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{D7461120-E410-4015-98D2-9033A4090261}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{FA6B4DFD-2EEB-4C6F-B7FC-4CCAAEF9CE02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{0726078F-54F0-4EB4-B2D9-EE0B8C7F35DF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [TCP Query User{418E4D1A-774A-42B4-B7E8-9D8F29132A02}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe
FirewallRules: [UDP Query User{A43BE269-AC59-455F-827B-5BDCD36FFD71}C:\program files (x86)\ispy\ispy\ispy.exe] => (Allow) C:\program files (x86)\ispy\ispy\ispy.exe
FirewallRules: [{CB006913-0149-465D-A41A-00D4FFEA2CB5}] => (Allow) D:\End of Nations Beta\RTSClientG.exe
FirewallRules: [{B5AD5B31-826F-453F-8F17-2CF8D0F3149C}] => (Allow) D:\End of Nations Beta\RTSClientG.exe
FirewallRules: [{C07A09A7-2209-462A-97A5-C2C685FE100A}] => (Allow) D:\End of Nations Alpha\RTSClientG.exe
FirewallRules: [{B1573C5C-8BC4-4D80-AFC6-84D572A230B3}] => (Allow) D:\End of Nations Alpha\RTSClientG.exe
FirewallRules: [TCP Query User{7877B00B-9202-4BB0-B4E7-12CBD77A7603}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{AC487633-C6DB-4A72-AE71-8B2E25B0231B}C:\program files (x86)\java\jre6\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{4FFF3947-3CC3-4E2F-B746-DE2E47BC47EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{778F31DA-134B-4FA3-97F4-7A6605665A4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [TCP Query User{6BA55BD2-9F38-4606-964B-AEC851243A5B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{A717F78F-F162-4A6F-9477-BFCC14189A18}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{0604930C-3F5D-4587-9031-B02C0F3F78C8}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{B129A541-994C-4AA8-8CF5-D187885BEFB2}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{1828C50A-5FB2-455C-9E69-778B1A7FEAF4}] => (Allow) LPort=26675
FirewallRules: [{449A68EF-E038-422A-BED5-1F6951198673}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{52D6BB00-9BD9-4448-9ED0-C266FEF73060}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{85833FC4-43DB-4619-A545-A683BF3F559A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{11BE87CF-A29E-4239-B712-A1CEF64A48B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [PotPlayer(PotPlayer.exe)] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayer.exe
FirewallRules: [{41FB860A-4BE4-4180-86E1-1B233FA882B4}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\PotPlayer.exe
FirewallRules: [PotPlayer(PotPlayer64.exe)] => (Allow) C:\Program Files\DAUM\PotPlayerx64\PotPlayer64.exe
FirewallRules: [{C888491B-92AA-4E19-936D-582B96269AD0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8910999B-5F56-4440-96A7-7AFF0D3A6A19}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{892E37B0-6DDF-49D3-9F53-A1E62DE09854}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5983AAFD-7AEC-433F-9014-6DB62F677163}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5F57462-9D5D-4A1A-9FF2-52DCC6B48FB3}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 4\bf4_x86.exe
FirewallRules: [{0557C745-A141-4E2B-BE47-26E17EA71204}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 4\bf4_x86.exe
FirewallRules: [{32253172-813F-4460-BE52-F5DF25E236CD}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 4\bf4.exe
FirewallRules: [{89E4AABB-EB75-46C7-B0EF-4B509A46AED6}] => (Allow) C:\Program Files (x86)\Electronic Arts\Battlefield 4\bf4.exe
FirewallRules: [{3EF748FB-A856-415A-A8CA-0374FABDF9D5}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{FFEF6415-6945-410A-933F-CF48B9809812}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{7FB1C086-772E-4EA2-85C8-85F9D5AD0DD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D55A7FE2-3620-4BC1-B555-70442924D916}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E0AD4744-DE1D-4A8E-AE0B-8D80C2F19DD3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F2104ADA-A712-4409-8D3D-7D0B17D45EC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E617101-1100-43E0-9CB2-402B4B0606AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{44A0DA46-A17F-4B56-B2BF-8E9E5DA5A73C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{FDB82753-9290-48F0-BD35-CD7075462C8F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{51709C00-D628-4917-A546-E3FB64D63574}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F2C90C80-4A37-4353-926C-D5F2A2E7993D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5E9BBE09-4CDD-43BB-B12B-ABF4A311D4B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAA393B0-4523-416E-964D-E3ED888D7A6C}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{6F437FFE-A802-482D-88EC-9EDFA5615FD6}] => (Allow) C:\Program Files\Flagship Studios\Hellgate London\Launcher.exe
FirewallRules: [{6F7D87DF-624D-43C9-9CA9-D1D70FE40B01}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BE101135-C5B9-4884-A62C-11376786B82A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2DACE74D-CE74-4953-A591-EF2FB35DEBDA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{3D131413-C622-4E52-9DB0-EA6AC3B0E96B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transmissions Element 120\hl2.exe
FirewallRules: [{075EC568-8E8D-4ED3-874E-8388685FD571}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{1254B9A7-C22F-4645-82A6-FBF34807BCA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HuniePop\HuniePop.exe
FirewallRules: [{DB9888D1-BF7F-4546-B145-684403E18567}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [{F5247CF4-7383-4496-B445-D5F82E0CA1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter Redux\EthanCarter.exe
FirewallRules: [{C6DCA4B4-07A0-41E8-A811-97CC38674B21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ABZU\AbzuGame.exe
FirewallRules: [{78135209-2103-4414-BF81-B1A65D31961E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ABZU\AbzuGame.exe
FirewallRules: [{9B6A4E71-9410-4086-AE94-8225FAF50143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{D68E585A-13BC-46D5-99D4-A85E44D66865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{212305C2-317F-4146-BB8A-6A437165AC84}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Startopia\startopia.exe
FirewallRules: [{6CB4F6D1-A378-4E49-B31C-F7C791F4F9FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Startopia\startopia.exe
FirewallRules: [TCP Query User{C6D20178-5BD2-43DF-89DB-8BEE3F98F3B5}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [UDP Query User{B33F93FA-BDE4-491B-B2FF-730FB4C40E03}C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_144\bin\javaw.exe
FirewallRules: [{B50A49B8-CC6C-4B22-9935-30C654D0DD50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BAC6EDE8-D46D-419D-B20F-67DB2F755B05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{30F27498-BD43-4E73-9409-81F0EBEAEC17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{84234644-3244-4AA9-83AE-215A55AF3AA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{46E5E917-D7F1-442F-98B6-9236E71048E5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FC4D123A-8772-4841-856E-7A82F698266D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{60DC6A29-0321-4F6D-B66C-4846632AB91F}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{95890FF9-14FB-4604-A818-A9CAEC216898}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [{E044DDEF-1BCA-4954-B232-B8816E716EA8}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{91093DC4-6A1F-4A12-B1C3-A8CA1AA956E6}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{214F28F5-08A3-4D49-BC4E-35200F7B2DDC}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{F68C1B5B-95E9-4B93-A3E6-E609769C05C2}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{80556D0B-A325-4902-BA36-80E5051F8C51}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{AC3308DE-C732-4754-8328-4E782137C621}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{ACDABC61-C51E-4F3F-9800-ED913920CBE6}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{023B1AAA-1325-4971-86C0-1B5A6E9C2125}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{F90D5CDD-B18B-4E83-BB84-87D4FA2BF92F}] => (Allow) C:\Program Files (x86)\Opera\51.0.2830.55\opera.exe
FirewallRules: [{238DE648-71E0-4EDD-A906-9B6D996D46D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe
FirewallRules: [{A2DF62FF-8952-49B4-A1C9-71625872C3B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017.exe
FirewallRules: [{4FD43B66-433D-4B21-A98F-ECFB62BFB483}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe
FirewallRules: [{26195AC3-40D7-4A0D-AA3F-E0B6564EA245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serious Sam Fusion 2017\Bin\x64\Sam2017_Unrestricted.exe
FirewallRules: [{662A9323-5999-4726-8A8C-FF7CA654B216}] => (Allow) C:\Program Files (x86)\Opera\52.0.2871.64\opera.exe
FirewallRules: [{6819F5A5-3383-4955-8FE8-125E09E90EC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: TAP-VyprVPN Adapter V9
Description: TAP-VyprVPN Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-VyprVPN Provider V9
Service: tapvyprvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Kaspersky Security Data Escort Adapter
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/28/2018 02:17:07 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - VirtualDJ Home FREE; Error = 0x80070422).

Error: (06/28/2018 02:11:06 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = HALO 2 FÜR WINDOWS VISTA wird entfernt; Error = 0x80070422).

Error: (06/28/2018 02:11:06 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = HALO 2 FÜR WINDOWS VISTA wird entfernt; Error = 0x80070422).

Error: (06/28/2018 02:10:57 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - HALO 2 FÜR WINDOWS VISTA; Error = 0x80070422).

Error: (06/28/2018 02:08:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Crazy Machines II wird entfernt; Error = 0x80070422).

Error: (06/28/2018 02:08:12 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Crazy Machines II wird entfernt; Error = 0x80070422).

Error: (06/28/2018 02:08:03 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - Crazy Machines II; Error = 0x80070422).

Error: (06/28/2018 02:05:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe"; Description = Revo Uninstaller's restore point - Belarc Advisor 8.2; Error = 0x80070422).


System errors:
=============
Error: (06/27/2018 07:18:47 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092012. The SSL connection request has failed. The attached data contains the server certificate.

Error: (06/27/2018 07:18:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (06/27/2018 07:17:10 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092012. The SSL connection request has failed. The attached data contains the server certificate.

Error: (06/27/2018 07:17:10 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (06/27/2018 07:16:21 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092012. The SSL connection request has failed. The attached data contains the server certificate.

Error: (06/27/2018 07:16:21 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.

Error: (06/27/2018 07:15:56 PM) (Source: Schannel) (EventID: 4108) (User: NT AUTHORITY)
Description: The certificate received from the remote server has not validated correctly. The error code is 0x80092012. The SSL connection request has failed. The attached data contains the server certificate.

Error: (06/27/2018 07:15:56 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 43. The internal error state is 552.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 48%
Total physical RAM: 16359.1 MB
Available physical RAM: 8360.43 MB
Total Virtual: 32716.37 MB
Available Virtual: 24092.51 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:429.02 GB) (Free:101.9 GB) NTFS
Drive d: (Games Raptor) (Fixed) (Total:97.66 GB) (Free:18.65 GB) NTFS
Drive e: (Temp Drive Raptor) (Fixed) (Total:21.8 GB) (Free:11.72 GB) NTFS
Drive f: (Downloads Raptor) (Fixed) (Total:390.62 GB) (Free:57.38 GB) NTFS
Drive g: (Multimedia Raptor) (Fixed) (Total:48.83 GB) (Free:30.88 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 558.9 GB) (Disk ID: B01740C3)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=21.8 GB) - (Type=0F Extended)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: BE49A14E)

Partition: GPT.

==================== End of Addition.txt ============================
         


Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 6/27/18
Protection Event Time: 2:34 PM
Log File: 6ae0c782-7a06-11e8-ad35-14dae91528d9.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.374
Update Package Version: 1.0.5649
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Hijack
Domain: katie.runtnc.net
IP Address: 54.88.91.231
Port: [55292]
Type: Outbound
File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe



(end)
         
Und Malwarebytes scan:

Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 6/30/18
Scan Time: 3:01 AM
Log File: 17c218ba-7c01-11e8-9e30-14dae91528d9.json
Administrator: Yes

-Software Information-
Version: 3.5.1.2522
Components Version: 1.0.374
Update Package Version: 1.0.5691
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 748244
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 4 hr, 18 min, 28 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
         

Alt 30.06.2018, 15:35   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Zitat:
Microsoft Office Enterprise 2007
Microsoft Office Project Standard 2007
PDF-XChange 4 Pro
Gewerblich genutzter Rechner? Zum reinen Privatvergnügen nutzte man derartige Software jedenfalls nicht.

Zitat:
Windows 7 Ultimate Service Pack 1
Ultimate-Edition spricht auch nicht gerade für reines Privatvergnügen aber nunja - warum bist du überhaupt noch bei Windows 7 und nicht schon längst bei Windows 10?

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.06.2018, 15:54   #6
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Lächeln

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Meinen Arbeitsplatz ermoglicht mir den Gebrauch. Als Version 10 rauskam gab es genuegend Sprengstoff im Internet nicht umzusteigen, ausserdem gefiel mir das neue Layout nicht, "never touch a running system" ist mein Motto und abwarten wie die "Beta" Tester damit zurechtkommen, das war eine gute Entscheidung. Konnte mich bisjetzt nicht beklagen was 7 Ultimate angeht und bin sehr zufrieden.

Koenntest du so nett sein und mir bitte weiterhelfen?
Danke

Alt 30.06.2018, 16:09   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Es hat auch niemand verlangt, dass du Beta-Tester werden sollst. Und nach mittlerweile DREI JAHREN kann niemand mehr ernsthaft sagen, dass man ein Beta-Tester sei, wenn man Windows10 verwendet. Windows 7 ist auch bald EOL.

Zudem ist dein Rechner ziemlich zugemüllt, installierst du jede Software, die du findest?

Zitat:
Kaspersky Total Security
Diese Suite bzw Internet Security bitte komplett deinstallieren

Von derartiger Software wird schon schon lange abgeraten, die darin enthaltenen Personal Firewall sind total unsinnig und kontraproduktiv.
Außerdem will ich für eine Analyse und Bereinigung so wenig Störquellen wie nur möglich. Zum Abschluss gibt es Hinweise zur Absicherung deines Windows-Systems.


Gib Bescheid wenn das weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.06.2018, 16:42   #8
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Und wieso sollte ich umsteigen auf Windows 10 wenn 7 genuegt (habe mir die Version gekauft, dann nochmal hinblaettern obwohl das nicht notig ist? Wieso denn? Und solange 7 noch haelt, solange haelt mein PC auch noch)

Zugemuellt, du bist lustig das kommt weil es noch immer die erste Installation ist seit Jahren seitdem es den i7-920 gibt und ueber die Jahre kommt so einiges zusammen. Aber ja, koennte einiges runter schmeissen was ich nicht mehr benoetige.

Gibt es irgendwelche Beitraege, Posts, Tests, Examples, wieso Kaspersky Muell sei? Deine Behauptung muss ja irgendwie auf was grundlegen. Ich lese eben gerne nach wenn ich sowas hoere um zu lernen und um auch andere ueberzeugen zu koennen diese Software im Muel zu schmeissen...

Meine erste Antivirensoftware war Norton, aber ueber Zeit wurde diese schlechter und falls du dich erinnern kannst war die de-installation der reinste Horror da die de-installationsdatei eben nicht alles loeschte und so konnte man dan von Hand anlegen seine Registrie zu saubern.... da war schluss fuer mich mit Norton (ausserdem war es der reinste Resourcenfresser, Windows XP Zeit...)

Dann hatte ich Gdata fuer einige Jahren, bis dieser dann auch nicht mehr herhielt und in Tests kam Kaspersky dann als Beste hervor.

Gut das koennte sich ja geaendert haben, aber weshalb wird es dann noch von Zig Webseiten als einer der Besten angepriesen? Ich habe herumgegoogelt und konnte keine negative Berichte in diesem Sinne finden (auf Englisch und auf Deutsch gesucht), ich wuerde es sehr begruessen wenn du mich da auf die Spruenge weiter helfen wuerdest, damit ich mir selbst ein Bild davon machen kann.

Und was ist denn das Problem dass man ein System anhand der Daten nicht ausforschen kann solange Kaspersky sich auf dem System befindet?

Vielen Dank schon mal fuer deine Muehe.

Alt 30.06.2018, 17:52   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Zitat:
Und wieso sollte ich umsteigen auf Windows 10 wenn 7 genuegt
Du hast es nicht verstanden. Es geht nicht um "genügen" sondern darum, dass es bald END OF LIFE Ist und das OS keine Updates mehr bekommt!

Zitat:
Zugemuellt, du bist lustig
Dann schau dir an was für Tonnen an Software du installiert hast. Sowas sieht man hier auch nicht jeden Tag!


Zitat:
Gibt es irgendwelche Beitraege, Posts, Tests, Examples, wieso Kaspersky Muell sei?
Ich analysiere keine Rechner wenn noch so ein Müll wie ne Secruity Suite drauf ist. Dass Kaspersky schon lange nicht mehr empfohlen wird kannst du hier auch in zig Threads nachlesen. Unnötiges Schlangenöl, macht nix sicherer, ist ne Systembremse hoch drei, bricht SSL-Verkehr auf usw usf. - und obwohl du diese tolle Suite hast bist du letztenendes doch bei uns weil dein Rechner wohl was hat.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 01.07.2018, 10:22   #10
ToLiNoLi
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



So habe mal bei Microsoft nachgeschaut, also Windows 7 Support wird ab 14 Januar 2020 eingestellt, da habe ich noch ausreichend Zeit um mir bis dahin einen neuen Rechner zusammenzubauen und mir dann auf ein neues Betriebssystem umzustellen.

Uebrigerens es ist doch gar nicht sicher ob mein Rechner was eingefangen hat, ich schrieb ja dass ich nicht sicher bin.

Und da du wie du schriebst du es ja sowieso nicht analysierst mit sogenannten Antiviren Muel, kannst du das ja auch nicht wissen.

Malwarebytes Premium lauft ja bei mir und findet nichts....

Habe mich mal bei euch herumgelesen, da steht bei euch dass alle Antiviren so gut wie nichts taugen, aber wie waere es mit nem Test wo Ihr die Virenscanner unter einen Stresstest setzt, ein Video waere doch super, stellt das auf Youtube so koennt ihr viele helfen, das macht wenigstens sinn und jeder kann dann sehen dass was ihr sagt auch wirklich so ist.

Und im Ergaenzung waere es dann auch sehr Sinnvoll die User zu helfen wie sie sich dann am Besten schuetzen sollten (auch die die von Computern gar keine Ahnung haben (besser ein Antivir als garnichts sonst klicken die sich doch ins unendliche herum um sich alles moegliche einzufangen, weil die nicht besser wissen...)).

Ich mache mich jetzt mal auf den Weg wie ich die Logdateien analysieren kann und versuche mal herauszufinden ob da ein Wurm drin ist. Und werde mich mal bei euch weiter herumlesen und studieren.

Habe mir mal nen Kaffee gemacht, wird wohl eine lange Nacht werden...

Trotzdem danke fuer deine ehrliche Meinung und Hilfe soweit. Bis spaeter dann...

Guten Morgen,

Habe mal damit angefangen saemtliche Programme die ich nicht mehr brauch von meinem PC zu entfernen und nutze dazu das Tool Revo Uninstaller um auch uebrig gebliebene Registry Spuren zu entfernen.

Habe dazu folgende Fragen:

Nachdem ich dem Daum Potplayer entfernt hatte, laesst sich das Verzeichnis im Windows Taskmenu nicht entfernen wegen fehlende Administratorrechte?

Soll ich in abgesicherten Modus gehen und es dort versuchen es zu entfernen oder hast du andere Tips?

Welches Program empfiehlst du zur Registrierungsreinigung? Ist Revo dazu geeignet? Eben fuer die Spuren die nicht entfernt wurden von aelteren installierten Programme?

Einige Installationen frage ich mich ob ich die ohne weiteres entfernen kann, vor allem wenn es eine Meldung gibt dass verschiedene Dateien moeglicherweise auch von anderen Programmen genutzt wird, wie zB das Nokia Suite fuer mein aelteres Mobil Telefon.

Vielleicht kannst du mich auf Foren Themen hinweisen die dies behandeln? Dann lese ich mich durch.

Danke schon mal fuer deine Muehe.

Alt 01.07.2018, 13:05   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Standard

katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?



Ist Kaspersky jetzt deinstalliert?

Und diese vielen Fragen sind zum jetzigen Zeitpunkt einfach fehl am Platz. Das meiste wird eh durch meinen Abschlussbaustein geklärt.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?
anschluss, bin ich infiziert, dsl, email, entfernen, fehler, firefox, folge, frage, infiziert, kaspersky, katie.runtnc.net, laufwerk, lizenz, malwarebytes, passwort, problem, rootkit, router, scan, scanner finden nichts, security, stick, umgeleitet, updates, usb, usb stick, windows



Ähnliche Themen: katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?


  1. iyfnzgb.com und katie.runtnc.net erscheinen einfach im Browser Betreff
    Plagegeister aller Art und deren Bekämpfung - 18.04.2018 (17)
  2. iyfnzgb.com und katie.runtnc.net bei berliner-sparkasse.de
    Plagegeister aller Art und deren Bekämpfung - 27.03.2018 (5)
  3. windows 7, Firefox öffnet Tabs mit Werbung, Adblock wird geblockt
    Log-Analyse und Auswertung - 10.02.2016 (12)
  4. Windows 7, Trojaner von Avira geblockt + entfernt, Malwarebytes möglicher Fund aber von Avira geblockt
    Log-Analyse und Auswertung - 13.05.2015 (13)
  5. Win 7 : IPA Trojaner - Firefox geblockt
    Log-Analyse und Auswertung - 06.01.2015 (11)
  6. GVU - Trojaner Seite erschien infiziert oder Fake?
    Log-Analyse und Auswertung - 31.12.2014 (9)
  7. Avast und Malwarebytes Anti-Malware werdenvon gruppenrichtlinie geblockt + aussergewöhnliche meldung nach dem bootvorgang.
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (11)
  8. RVZR-a.akamaihd.net erschien, seitdem PC langsam, Texte farblich und unterstrichen, dahinter Webebanner
    Log-Analyse und Auswertung - 19.11.2013 (22)
  9. Plötzlich erschien DELTA SEARCH
    Log-Analyse und Auswertung - 17.11.2013 (22)
  10. GfilterSvc.exe wird durch Malwarebytes geblockt
    Log-Analyse und Auswertung - 19.07.2013 (19)
  11. Infektion: Firefox stürzt ab; Virusseiten werden geblockt.
    Plagegeister aller Art und deren Bekämpfung - 14.05.2013 (8)
  12. Versch. Webseiten geblockt, Firefox lässt sich nicht öffnen
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (17)
  13. Incoming von 221.192.199.49, wird geblockt von Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 02.04.2012 (1)
  14. TR/Crypt.Xpack.Gen2 Firefox und IE werden von Avira geblockt
    Plagegeister aller Art und deren Bekämpfung - 11.08.2010 (12)
  15. Malwarebytes und andere geblockt...
    Plagegeister aller Art und deren Bekämpfung - 05.05.2009 (27)
  16. Mein HijackThis Log --> Firefox stürtzt ab.. komisches Logo
    Log-Analyse und Auswertung - 25.01.2005 (2)

Zum Thema katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? - Guten Tag alle, Bin jetzt nicht komplett Leie und hatte bisjetzt keine Infektionen auf meinem PC (denke ich mal), jedoch nachdem ich katie.runtnc.net als Meldung bekam, geblockt von Malwarebytes Premium - katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen?...
Archiv
Du betrachtest: katie.runtnc.net erschien in Firefox, geblockt von Malwarebytes, komisches benehmen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.