| |
| |||||||
Log-Analyse und Auswertung: Telekom Mail versendet Spam - Delivery Status Notification erhaltenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
24.09.2015, 07:37
| #1 | |||
| |  Telekom Mail versendet Spam - Delivery Status Notification erhalten Moin, Ich bekomme seit zwei Tagen Emails mit dem Hinweis "Delivery Status Notification". Meine Mail Adresse soll Spam versenden.Im Postausgang bei Thunderbird und im Telekom Email Center ist davon nichts ersichtlich. So wie es aussieht bekommen alle Adressen die ich in Thunderbird habe eine Spam mail von mir. Bisher habe ich mein Email PW geändert, mein Telekom Zugangs PW - waren 2 unterschiedliche und 8 stellig mit Buchstaben und Zahlen.Wurde von diesem Rechner geändert, was mir nun beim Schreiben auffällt, dass es keine gute Idee war. Ich werde es nochmal von einem anderen ändern. Auf meinem Handy (iOS) habe ich die TOnline Mail App. Im Emailcenter ist mir aufgefallen das sich der Absender Name meiner Mail ändert, es ist jeden Tag ein anderer auch wenn ich es in meinen ändere. Die Antwortadresse scheint sich auch zu verändern im Emailcenter der Tcom. Ich poste einmal meinen Mail Auszug. Zitat:
Zitat:
Zitat:
 Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von nunuc (Administrator) auf NUNUC-PC (24-09-2015 08:29:22)
Gestartet von C:\Users\nunuc\Desktop
Geladene Profile: nunuc (Verfügbare Profile: nunuc)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe
(hxxp://tortoisesvn.net) E:\Programme\bin\TSVNCache.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Akamai Technologies, Inc.) C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ICQ) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4432\Agent.exe
(Blizzard Entertainment) G:\GAMES\Battle.net\Battle.net.6160\Battle.net.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [Akamai NetSession Interface] => C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\MountPoints2: {20742068-8b60-11e4-adae-406186c7db28} - I:\StorioSetup.exe
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\MountPoints2: {68c678be-1b38-11e5-9032-406186c7db28} - K:\setup.exe
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 07 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-10-27] ()
Winsock: Catalog5-x64 07 C:\Windows\system32\PrxerNsp.dll [57448 2014-10-27] ()
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{944EE6F6-5E54-4262-A1C0-FDEBC3062000}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2403208828-1726898586-2912756724-1000: @hola.org/vlc,version=1.8.103 -> C:\Users\nunuc\AppData\Local\Hola\firefox\app\vlc Keine Datei
FF Extension: flash service plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{bc3bf693-8105-4984-aceb-f016e61280b7}.xpi [2015-06-27]
FF Extension: Adblock Plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-06-03]
FF HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\po6pma7g.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Launcher.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-30] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3493744 2015-01-13] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; G:\Gamez!\Origin\OriginClientService.exe [2057736 2015-09-02] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-09-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-09-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [Datei ist nicht signiert]
S3 SandraAgentSrv; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
S3 SDScannerService; E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SkypeUpdate; E:\Programme\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-25] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows (R) Win 7 DDK provider)
S3 SANDRA; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-25] (Synaptics Incorporated)
S3 CFCOGJUTSSHKETKV; \??\C:\Windows\TEMP\CFCOGJUTSSHKETKV [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TIYIXIYEHUDMXJJ; \??\C:\Windows\TEMP\TIYIXIYEHUDMXJJ [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-24 08:29 - 2015-09-24 08:29 - 00022973 _____ C:\Users\nunuc\Desktop\FRST.txt
2015-09-24 08:29 - 2015-09-24 08:29 - 00000000 ____D C:\FRST
2015-09-24 08:06 - 2015-09-24 08:06 - 02192384 _____ (Farbar) C:\Users\nunuc\Desktop\FRST64.exe
2015-09-23 18:50 - 2015-09-23 18:50 - 00000811 _____ C:\Users\Public\Desktop\Command and Conquer Red Alert 2.lnk
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Red Alert 2
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 15:53 - 2015-09-23 15:53 - 00249946 _____ C:\Users\nunuc\Desktop\bookmarks23092015.html
2015-09-23 15:53 - 2015-09-23 15:53 - 00100269 _____ C:\Users\nunuc\Desktop\bookmarks-2015-09-23.json
2015-09-23 15:47 - 2015-09-23 15:50 - 00000000 ____D C:\Users\nunuc\Desktop\Neuer PC
2015-09-23 13:01 - 2015-09-23 13:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-23 08:34 - 2015-09-23 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-09-23 08:34 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-23 08:23 - 2015-09-23 08:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-23 08:22 - 2015-09-23 08:37 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 08:22 - 2015-09-23 08:34 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 08:05 - 2015-09-23 08:05 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\QuickScan
2015-09-22 22:00 - 2015-09-22 22:00 - 00000669 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-09-22 22:00 - 2015-09-22 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-09-21 08:26 - 2015-09-21 08:26 - 00000000 ____D C:\Users\nunuc\Desktop\trophy
2015-09-20 10:45 - 2015-09-20 10:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-09-14 10:41 - 2015-09-14 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\Program Files (x86)\Skype
2015-09-13 17:25 - 2015-09-23 08:36 - 00002176 _____ C:\Windows\PFRO.log
2015-09-13 10:43 - 2015-09-13 10:43 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-09-12 19:09 - 2015-09-12 19:09 - 00000000 ____D C:\Users\nunuc\AppData\Local\ESN
2015-09-12 18:58 - 2015-09-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-09-12 18:57 - 2015-09-23 18:50 - 00036946 _____ C:\Windows\DirectX.log
2015-09-11 18:16 - 2015-09-11 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-09-11 18:16 - 2011-09-09 11:28 - 00007748 _____ C:\Windows\system32\athrextx.cat
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2015-09-11 18:15 - 2015-09-11 18:16 - 00000000 ____D C:\temp
2015-09-10 17:14 - 2015-09-10 17:14 - 00000000 ____D C:\Users\nunuc\Documents\SimCity
2015-09-10 17:11 - 2015-09-10 17:11 - 00000776 _____ C:\Users\Public\Desktop\SimCity™.lnk
2015-09-10 17:11 - 2015-09-10 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\PopCap Games
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\EA Core
2015-09-10 16:23 - 2015-09-10 16:23 - 00000000 ____D C:\Users\nunuc\AppData\Local\Ubisoft
2015-09-04 21:45 - 2015-09-14 10:43 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\NVIDIA
2015-09-03 16:06 - 2015-09-03 16:09 - 00007564 _____ C:\Windows\DPINST.LOG
2015-09-03 16:06 - 2015-09-03 16:06 - 00000000 ____D C:\Program Files\DIFX
2015-09-03 16:06 - 2015-07-15 17:20 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-03 16:06 - 2015-07-15 17:20 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-09-03 16:06 - 2015-04-23 21:19 - 00065248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2015-09-03 16:06 - 2010-09-07 04:37 - 00121432 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2015-09-03 16:06 - 2009-07-29 20:26 - 00614000 _____ (JMicron Technology Corp.) C:\Windows\system32\jmccgpInst.dll
2015-09-03 16:06 - 2009-07-29 20:26 - 00017136 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jmccgp.sys
2015-09-03 16:03 - 2015-09-03 16:04 - 00000000 ____D C:\ProgramData\BSD
2015-09-03 06:53 - 2015-09-24 07:44 - 00003967 _____ C:\Windows\setupact.log
2015-09-03 06:53 - 2015-09-03 06:53 - 00000000 _____ C:\Windows\setuperr.log
2015-09-02 17:25 - 2015-09-02 17:25 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-02 17:25 - 2015-09-02 17:25 - 00000000 ____D C:\Program Files\CCleaner
2015-09-02 14:16 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-02 14:16 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Sun
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\.oracle_jre_usage
2015-08-31 13:32 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\dG5XucIXHTsYgekuS.exe
2015-08-31 13:32 - 2014-11-01 01:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\ECHOUoP39ABAwawqOw2K.exe
2015-08-31 13:04 - 2015-08-31 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-25 19:49 - 2015-08-25 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-08-25 17:21 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\LswfWECHOZYtfdE8KaPW.exe
2015-08-25 17:21 - 2014-11-01 01:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\gQ1hhuPTECHOR9NysCDH.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-24 08:23 - 2014-10-27 18:31 - 00000000 ____D C:\Users\nunuc\AppData\Local\Battle.net
2015-09-24 08:10 - 2015-08-23 16:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-24 08:05 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-24 08:05 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-24 07:50 - 2014-10-28 02:44 - 00700470 _____ C:\Windows\system32\perfh007.dat
2015-09-24 07:50 - 2014-10-28 02:44 - 00150108 _____ C:\Windows\system32\perfc007.dat
2015-09-24 07:50 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-24 07:47 - 2014-10-27 17:53 - 02010398 _____ C:\Windows\WindowsUpdate.log
2015-09-24 07:44 - 2014-10-27 21:56 - 00000000 ____D C:\Users\nunuc\AppData\Local\TSVNCache
2015-09-24 07:44 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-24 07:44 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-23 18:50 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 17:17 - 2014-10-27 21:18 - 00000000 ____D C:\ProgramData\Origin
2015-09-23 08:51 - 2015-05-25 13:51 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\IObit
2015-09-23 08:48 - 2015-05-08 11:15 - 00000000 ____D C:\AdwCleaner
2015-09-22 22:00 - 2014-10-27 18:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-22 18:30 - 2015-06-13 12:04 - 00000000 ____D C:\Users\nunuc\AppData\Local\Akamai
2015-09-22 11:50 - 2014-11-02 19:08 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\vlc
2015-09-22 11:29 - 2014-10-29 23:38 - 00000000 ____D C:\Users\nunuc\AppData\Local\._LiveCode_
2015-09-21 23:10 - 2015-08-23 16:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 23:10 - 2014-10-27 18:53 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 23:10 - 2014-10-27 18:53 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 14:22 - 2014-10-29 16:11 - 00003820 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414591907
2015-09-17 06:54 - 2014-11-15 12:47 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Skype
2015-09-14 09:54 - 2014-11-15 12:47 - 00000000 ____D C:\ProgramData\Skype
2015-09-13 17:25 - 2014-11-29 23:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-09-13 10:43 - 2014-11-29 23:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-13 10:34 - 2014-11-29 23:28 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-09-12 18:58 - 2014-11-29 23:28 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-11 18:16 - 2014-10-27 17:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-11 18:14 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-11 18:11 - 2014-11-30 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-10 16:25 - 2015-07-17 19:04 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Awesomium
2015-09-10 16:24 - 2014-11-04 22:06 - 00000000 ____D C:\Users\nunuc\Documents\my games
2015-09-10 16:24 - 2014-10-27 21:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-10 08:48 - 2015-06-25 15:57 - 00000000 ____D C:\ProgramData\TEMP
2015-09-08 21:27 - 2015-08-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-04 14:52 - 2015-01-02 22:39 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-03 18:21 - 2015-06-25 20:16 - 00000000 ____D C:\Users\nunuc\Documents\Euro Truck Simulator 2
2015-09-03 16:04 - 2009-07-14 04:34 - 00000466 _____ C:\Windows\win.ini
2015-09-02 17:30 - 2014-11-02 18:21 - 00000000 ____D C:\Windows\Minidump
2015-09-02 17:30 - 2014-10-28 02:46 - 00000000 ____D C:\Windows\Panther
2015-09-02 14:16 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-31 15:05 - 2014-10-27 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 13:56 - 2015-01-09 14:33 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 13:55 - 2015-06-17 08:30 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-31 13:55 - 2014-10-27 17:53 - 00000000 ____D C:\Users\nunuc
2015-08-31 13:04 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iTunes
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iPod
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-27 02:37 - 2014-10-27 18:11 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2014-10-27 18:11 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2014-10-27 18:11 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-27 02:36 - 2014-10-27 18:11 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-26 14:49 - 2014-10-27 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-08-17 23:12 - 2015-08-17 23:12 - 0000058 _____ () C:\Users\nunuc\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-04-14 23:14 - 2015-04-14 23:14 - 0011670 _____ () C:\Users\nunuc\AppData\Local\Temp-log.txt
2015-04-14 23:14 - 2015-04-14 23:14 - 0000000 _____ () C:\Users\nunuc\AppData\Local\Temp.dat
2014-10-27 21:22 - 2014-10-27 21:22 - 0012294 _____ () C:\ProgramData\mptmqteo.hmi
Einige Dateien in TEMP:
====================
C:\Users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
C:\Users\nunuc\AppData\Local\Temp\avgnt.exe
C:\Users\nunuc\AppData\Local\Temp\proxy_vole712786930832491872.dll
C:\Users\nunuc\AppData\Local\Temp\SkypeSetup.exe
C:\Users\nunuc\AppData\Local\Temp\sonarinst.exe
C:\Users\nunuc\AppData\Local\Temp\sqlite3.dll
C:\Users\nunuc\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG
LastRegBack: 2015-09-21 04:35
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von nunuc (2015-09-24 08:29:46)
Gestartet von C:\Users\nunuc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-10-27 15:53:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2403208828-1726898586-2912756724-500 - Administrator - Disabled)
Gast (S-1-5-21-2403208828-1726898586-2912756724-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2403208828-1726898586-2912756724-1002 - Limited - Enabled)
nunuc (S-1-5-21-2403208828-1726898586-2912756724-1000 - Administrator - Enabled) => C:\Users\nunuc
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Canon MX370 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX370_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.0.3.0 - Electronic Arts)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
ICQ 8.2 (build 7138) (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\ICQ) (Version: 8.2.7138.0 - ICQ)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - JMicron Technology Corp.)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MagNets (HKLM-x32\...\Steam App 343020) (Version: - Total Monkery)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-41bc4b7c-2764-48ed-9c45-50a4bfd13797) (Version: - Epic Games, Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version: - Raven Software)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version: - LucasArts)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts)
Star Wars Starfighter (HKLM-x32\...\Steam App 32350) (Version: - LucasArts)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version: - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version: - Petroglyph)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.31.151 - Haufe-Lexware GmbH & Co.KG)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TL-WN881ND Driver (HKLM-x32\...\{B512F025-E992-44D0-B1F4-D6E1D3339C80}) (Version: 1.0.0 - TP-LINK)
TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)
TOXIKK (HKLM-x32\...\Steam App 324810) (Version: - Reakktor Studios)
Unreal Tournament 3: Black Edition (HKLM-x32\...\Steam App 13210) (Version: - Epic Games, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
War Thunder Launcher 1.0.1.502 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebMoney Agent (HKLM-x32\...\WebMoney Agent) (Version: 3.5 - Softomate)
WebMoney Keeper WinPro 3.9.9.5 (HKLM-x32\...\{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}) (Version: 3.9.9.5 - WM Transfer Ltd.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - AMD (amdkmpfd) System (02/12/2015 15.20.0.0000) (HKLM\...\708AE871DE4DE98C022B914117B48025341D07B8) (Version: 02/12/2015 15.20.0.0000 - AMD)
Windows Driver Package - JMicron (usbccgp) USB (07/28/2009 1.0.4.2) (HKLM\...\D3AAF0E65D8B1D5934711D3312BF76371DB14E42) (Version: 07/28/2009 1.0.4.2 - JMicron)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (08/10/2010 1.17.58.2) (HKLM\...\71DF76D3EFF8F1319B88DD518F44AF13B27C3193) (Version: 08/10/2010 1.17.58.2 - JMicron Technology Corp.)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/07/2010 1.17.59.0) (HKLM\...\D5496DF7336192E7F4E7313CE7DC86830DFBD406) (Version: 09/07/2010 1.17.59.0 - JMicron Technology Corp.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass (09/09/2013 6.3.0.1) (HKLM\...\2D411C1C731F85B0AE8A713F3C27A67932A89369) (Version: 09/09/2013 6.3.0.1 - KYE System Corp.)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA (07/08/2015 1.3.34.3) (HKLM\...\A829BD9C3C124B61C7EC97D586DC44BCDD2BA3DD) (Version: 07/08/2015 1.3.34.3 - NVIDIA Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-09-2015 03:36:02 Geplanter Prüfpunkt
22-09-2015 21:59:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
23-09-2015 08:50:46 JRT Pre-Junkware Removal
23-09-2015 18:49:58 DirectX wurde installiert
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2014-11-30 15:32 - 00000893 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 hxxp://www.driver-soft.com
127.0.0.1 www.driver-soft.com
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {49E09468-55F4-46BE-A4EB-96929BCCCE5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {5A242E98-D91D-48C4-ACF5-245D8FA5E879} - System32\Tasks\Opera scheduled Autoupdate 1414591907 => E:\Programme\launcher.exe [2015-09-11] (Opera Software)
Task: {C631B07E-2EAE-4416-AEA0-8176F6DB5E63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FCA4F240-2A6C-4CCD-9C49-9E91D3711BDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {FEC32660-94CA-4022-9E27-EE51388CAB1D} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-27 22:03 - 2012-11-22 19:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-10-27 18:11 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-13 10:43 - 2015-09-13 10:43 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-10 17:10 - 2014-08-10 17:10 - 00076032 _____ () E:\Programme\bin\TortoiseStub.dll
2014-08-10 17:10 - 2014-08-10 17:10 - 00088832 _____ () E:\Programme\bin\libsasl.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-13 23:05 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-14 17:21 - 2015-09-24 07:44 - 00619840 _____ () C:\Users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
2015-09-05 03:42 - 2015-09-05 03:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-10-27 18:16 - 2014-10-27 18:16 - 00859144 _____ () C:\Users\nunuc\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 26065408 _____ () G:\GAMES\Battle.net\Battle.net.6160\libcef.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00739840 _____ () G:\GAMES\Battle.net\Battle.net.6160\libGLESv2.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00909312 _____ () G:\GAMES\Battle.net\Battle.net.6160\platforms\qwindows.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00130048 _____ () G:\GAMES\Battle.net\Battle.net.6160\libEGL.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00020992 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qgif.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00021504 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qico.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00205312 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qjpeg.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00225792 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qmng.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00015872 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qsvg.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00312832 _____ () G:\GAMES\Battle.net\Battle.net.6160\imageformats\qtiff.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00010240 _____ () G:\GAMES\Battle.net\Battle.net.6160\qml\QtQuick.2\qtquick2plugin.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00054272 _____ () G:\GAMES\Battle.net\Battle.net.6160\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-09-17 22:19 - 2015-09-17 22:19 - 00010240 _____ () G:\GAMES\Battle.net\Battle.net.6160\qml\QtQml\Models.2\modelsplugin.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00065792 _____ () E:\Programme\bin\TortoiseStub32.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00071936 _____ () E:\Programme\bin\libsasl32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\Temp:$DATA
AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A
AlternateDataStreams: C:\ProgramData\TEMP:A064CECC
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Software\Classes\.exe: => <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: AgentMonitor => E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: icq => C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Programme\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Programme\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "E:\Programme\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "G:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: wmagent.exe => "C:\Program Files (x86)\WebMoney Agent\wmagent.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{469700EB-FCEA-44E8-B1D9-DB7333A6E809}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{10AA2F31-200F-4EA5-B1C1-4FCB9EC2FED0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{501A6E02-1E9D-4F62-942A-3D52A511F1DB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{4192EB03-6510-4B8F-9FAA-BA8B39CDC8EB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{E2C7E35D-DC95-4D68-B109-88C7B6C593C4}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{68E14B5F-880D-4659-8557-0E3C434679BF}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{62E50759-7BA4-4C37-92CD-93F5D083F12C}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{F4D852E5-FE40-4C27-84F4-DB8C881AF883}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{B622E890-FBB4-44B2-8B18-A83C28192185}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3EAA1700-C6A5-44DD-B265-217C484524C6}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BD1BAFE4-5001-44C7-848B-161408CFAF81}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6E9803AE-8FCB-4C55-A998-BB7772B57283}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31337C8C-D50E-4697-9A43-E30DCE285F96}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{12FED024-5C4D-410F-9310-BAEA071A0D3F}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{DD8C143B-1CE8-4E7E-B8AE-A22BDA624EE5}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{185DFF5D-23AA-4020-BC79-EA17E368626E}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{DE9A4150-5946-4311-8439-1E5D8F7CF345}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{EFA3DA4E-F03F-4561-A9B9-7A227816C949}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{04D43B8C-44D1-464F-B870-3D0DB1A648A2}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{EF5F55C3-5B24-4184-90E5-8F53BB431912}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{C87127B8-902C-439B-B264-39B923CBE670}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{85DD0183-DEF4-401C-B315-6FBC5434B39C}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{3F70B08C-CDAF-4387-AFDD-8D24B1ACA58E}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{B4AC20C3-4EFB-4490-8FDA-FA71963ABAC0}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{5048DA5F-61E1-420C-BCC3-F4D0F1933C40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4FACEF2F-CF36-4B40-ACCE-DD666D73DF40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{86046C36-8AD2-4573-A274-A9CA72023006}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{448D9C83-3BB0-4FC0-94E5-C244361F92AF}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{FD9073B4-E3B6-4807-8684-0733F0BA42BE}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{099AECC8-EDEA-44EA-B7A8-506B7E2D257C}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6D7824D7-CBAA-4224-93B7-55C1FCF32218}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7C4BD3CA-02B8-4564-AF04-058D523239E9}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{C5804147-9758-46B3-A8A5-69A493BB2F97}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{C44FB3C9-C931-4DE5-B01C-15EE7FC189DA}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [TCP Query User{3C1B3A5B-E282-44F1-9615-6BFAB3B5B287}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{FB1B26A3-415C-4612-B04E-9781B9C328C5}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [{3729900A-3D45-4146-B67E-73A33C27D8CB}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{5D4012D4-8B5B-428C-B505-B4C53FBA6E20}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{99E5633F-F4CE-48D3-A7E4-77E56B271707}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{31B50993-FEBE-45B0-9AEF-E5551C5B3FBA}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{DFC0A3C3-5436-4905-8C7E-5ABF0AB4E38C}] => (Allow) E:\Programme\Phone\Skype.exe
FirewallRules: [{236860E2-B4CE-41FD-8167-038B843C7DDF}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{D31C17B0-6E9E-4DA8-880E-25EFE65FB608}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{0081B00B-1285-4799-B469-B088996257A1}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C5E57D91-BD20-4B0C-B402-57A90BB80BB4}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{E0EDF197-51E0-427B-92FD-A83AE0A87F4A}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [{CF2A2B0C-A131-40A8-9418-29FBBA9038C2}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [TCP Query User{B0706FC5-0E50-4D24-BE15-24DD06831EC9}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [UDP Query User{A3C2A3FD-9771-4BFA-AF48-E3BA77B4A7AF}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [TCP Query User{86FDB30A-04CE-4388-8346-DAAA17C4BD9B}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [UDP Query User{01E88954-3C24-4618-96A0-A209F64886F1}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [{BFF5E78F-F8C7-4A97-B545-9754DE0C58AA}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{E4E7C9E0-B0B3-4FDE-9FDA-E6D10CF3EB6B}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{CBE38E34-942E-48E4-B382-9FF77C584AB6}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{D623077D-8B43-4519-A6BC-897B69DB4AF1}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{726E3F0A-FC8A-4E9B-8C5E-1BC03FFBCCFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{BA3B3D39-F638-4ACD-90BF-A85C56C522E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{40D8898A-DDF7-4927-AAA0-CBF5661D27AB}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{DB1C8B5B-F6E6-4A5E-8990-A205B9B07FC0}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{EE32CE94-DAD5-47CA-A933-9FE4C82263E3}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4DDFACB8-40D9-4B03-9CD4-D03987C03D9C}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{1C0489F7-6479-4BD2-B1F0-508601751686}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFDAF23F-5253-4FA5-8C5A-46BD2ECC3644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4116DFE5-7D19-41FC-BAE9-334351D6C174}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BB218CF7-D117-4566-9642-D162E0EC3B74}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1C18E3B0-AA2D-4D6C-9139-C25B504482ED}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3B26F86F-E1CA-46FA-8B3E-75851534FDE6}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{9E597A75-C5FB-4FE7-89C1-436DEE332994}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{A28D56C4-0F9F-46E1-8069-F80C78C1D861}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4D4E7B1A-FD22-4029-8794-A8C92ECF82D1}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{E9D376D3-0C70-4032-B6F9-4CC4ABD76054}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{0594F98F-BE7C-4D70-8D4C-C33D7CD8F6CF}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{E22AE42D-C595-44A2-BD20-FFECA2FD516D}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{EF88F882-A007-42AE-9E89-8916B47EFCFA}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{0FE39CF8-3598-4461-8AC6-4BB8FFDDB862}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{55549C5A-E7EC-4221-8986-C617B9CA510C}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{3E1444A2-3E2A-4DCB-BB89-3EEABF53C965}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AA6EF5D8-7B49-4908-A7BD-C403DFCA36B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C8E8815-0343-4BB0-95E4-EB340E7F0FC1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E384EDE4-2B23-405D-976F-266E0843D52E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E6A08E7F-B1A7-41D5-915E-5F983B71A505}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C33555EF-2C96-4AFD-81AE-0C7E0B7273AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{F9A2CB34-BB2B-45A2-869B-04393EE9655C}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{BDD53416-092C-45D4-B3D0-C046FB284E9C}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{896C8CDE-A2EB-43A0-A7E8-FE2F5B022A5F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{36698429-04AB-43D1-9ABB-B846E6C72413}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{07450FE0-A06F-454F-8E72-34BFCC729B60}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{64E8CBF2-3B5D-44A8-B811-18603DF94678}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{97267A96-EB36-4C93-9655-17C9BFB8565D}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{DC197DF6-94BB-461D-8DA2-87176184EB1E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{D0734B75-D0B1-47DB-AC83-F642C4D8B6E2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{8A926EB7-B9FF-4941-86CD-5E93F7CDAD73}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{6CE51235-3C2A-471C-B32C-AE201A66A1C8}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{68F5F57D-6FA1-4D51-8271-97B995AFEC39}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{FF30B938-FDD2-468F-A702-A6B0EE1AF253}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{82177C2F-BE3C-40B0-92E7-171FF6CB2719}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{D8560D93-28AB-43F5-96A0-41950511A3DF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{E9A703F9-C97B-4F06-858C-3C27FCDB528F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{17E78BEA-A303-41DF-A542-A16AEC94705E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{EC34A1A5-5E2A-4568-8987-75E2B9199969}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{AE0E5C3C-2957-413D-9AD8-A9D02DD57C56}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{51197A25-6D2D-4DA3-BAA8-B3FD460D6C15}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{73F0ACC2-F475-4893-87F6-D724E25F86E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{CE19E947-1140-494E-AADD-ED03EFFF5068}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{7371034F-C0B3-4631-BBE1-CEC88BA70DBB}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{3B0A9B1D-8C21-4931-937A-4B57D8FAA069}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{692AFE0B-9306-46D7-9ADA-F0C4388CDD2A}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{9D7B0ED1-4D82-4EB1-B455-BC5E0E9C81B7}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C3D63568-322B-4791-8E91-E4CEF2897C8F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{DBE8E815-5978-4F38-93BF-BCCAEF04AB47}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{012DF085-8B77-4569-90A7-246FAFA02227}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [TCP Query User{90F67090-8FB3-49EF-B508-8DE1388AF080}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [UDP Query User{3F4209B8-277E-479F-9C36-693D597450FC}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [{BB656002-1732-41D6-9E1A-A229B586C015}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{577A6465-B43E-4563-AC75-7D02C005CEF9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{42B33F5E-9100-4AC7-9E75-3F5A4C138193}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{CA065EF0-8C86-4105-B913-5ECFF06EC9A1}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{FA2915A2-D7CE-4894-B98E-FCDCF2E711B9}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{EAE8A57F-277E-4704-AB65-D214F3DAADDC}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{C75A35E5-937E-4A21-A1C0-141259B95C60}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{06579E57-FA2D-48EA-A8E2-A5A08EB8C7C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D611ED8C-884D-44AF-843A-E581F6788740}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{60226BF8-89EB-4277-9A29-AA928CE0E752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{9AF028BA-C5A6-4A7E-90C8-714AF431B3F9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{D88D3576-1D00-44AB-A66C-C5D22EF1C4AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{9757EAC9-7321-4C5C-A84D-E2F17FD15885}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{DABAA092-316D-4B1B-A4C5-55BD008EDDFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{94D54AC0-7B3E-4C7C-B2E4-E7C463752983}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{9EC25746-EE9F-4AB1-95C9-49D9C72A30C3}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{671A3C3F-7F88-47F6-B5AE-62EAEEBD3C41}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{9252C5E1-D9E3-40D2-BB56-D94DF24E46F1}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{8B302CD0-2267-41B2-8D40-7E2CAADFF9BE}] => (Allow) LPort=80
FirewallRules: [{B826BDB5-F573-4D7D-B662-34F0308B73BB}] => (Allow) LPort=443
FirewallRules: [{B3484C71-E574-4EB8-90E6-7292D080C939}] => (Allow) LPort=20010
FirewallRules: [{23A0AF88-1EC2-4E93-97C6-92EDC734275A}] => (Allow) LPort=3478
FirewallRules: [{4652B566-36C4-4AD5-82DE-7F596C40FF14}] => (Allow) LPort=7850
FirewallRules: [{6A5C3FD7-03D4-46C0-8989-E4C87660F0FA}] => (Allow) LPort=7852
FirewallRules: [{41CD6180-FEE9-49B1-AAAC-F4B938C873F3}] => (Allow) LPort=7853
FirewallRules: [{794CC770-6A8E-4102-B9F6-90760CA5E53A}] => (Allow) LPort=27022
FirewallRules: [{E287722C-0D49-40DB-BFC1-EB9783A66223}] => (Allow) LPort=6881
FirewallRules: [{F7AF9C60-9CD4-4637-94CB-0A7709E979DA}] => (Allow) LPort=33333
FirewallRules: [{5F04EC02-5D23-4638-A914-F5776765DB9D}] => (Allow) LPort=20443
FirewallRules: [{0985DE53-D57C-46CC-85D2-DC62C4387672}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{5C8A1F4A-3B16-4DF7-8058-BECFA1B8789A}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{F657CF06-8F1F-4A3E-A757-08EED07A913E}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [{D63FA105-6B66-4A39-92C7-DDF6CA5C4024}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5015243C-07BF-4F58-8F7B-6D5D0C470883}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7D8AE61B-9F3C-41AA-8CEF-8FFF97F43953}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{50F7FCDC-56F9-4E3A-8810-4C0124A7BBB3}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{6573FBC3-B55C-42BB-B243-7814F9E84BD4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{D577D25C-DFDD-443E-8946-897B07FA8FD0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{EF69610D-0D26-4023-95DC-62F55972F236}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{2D8CC5D5-7A5B-4145-A18E-3CD90129D4D0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{21D82907-A142-4C43-B993-E70E02C98FA1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{45E26189-877F-41D4-AC1D-0DE1C3134D21}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{44696DB8-6BBA-4B24-9DBC-B6BB470AD8C1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{E57BE1D3-F7DA-4AC1-AC1B-DA8A429A4B46}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{336957FF-6409-4840-8057-1BF1FFE7B4EE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{E0508657-9279-460D-B382-38E12AF3A6A2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{9A5A84A8-2C6C-43DD-B475-E0201CA1F933}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{3031C719-BFA5-42E9-B3BB-C7B465F2DE6A}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{DBFAAA8A-047C-4416-A6CE-8DFE70693967}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B28332D7-48EC-47C8-B3A1-BDA7F494D938}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{019B55D5-A6E2-4096-87B7-B64E3FF304D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D67ADC62-A9C1-4F0D-BF87-65E728125074}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{477D1E92-9304-463B-ACA2-1AC1EEAC65F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C450097-D3D7-4C8C-9118-6A4E1C66F00D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3524F0D0-B446-4458-966E-7DEED183B179}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{1ECA58DF-2322-4005-812A-ADDD221A9C5F}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{5CC91905-E503-4A2D-9F7C-63B254AF22C6}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{317C46C1-019F-4752-94E7-90EDF8C5FFD2}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{851073F2-981E-490F-B2C1-2A72DC0754A9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9C21D684-A7DC-482A-8223-E49E86C7E121}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5E392CA8-6353-4918-9AA8-1BFDB35CBA31}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{87F282A9-6898-461C-A54B-568C6685257C}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{44B70246-4A5D-4EDE-871E-11D57BB5CD1B}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{187D8768-D99B-4679-A1FC-9622286D01D9}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{8E53FC88-DE40-4360-A660-7FFEED247DDA}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [UDP Query User{D9A63C25-F253-48B6-8B84-C4ED443ED50D}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [{1C8DD052-70FA-4C53-8E7B-3085A98CC7D8}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{68862417-BE3E-4238-A064-1CBD6B64BD5C}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [TCP Query User{8810F88E-EA63-454B-9AB5-850C5F5BA353}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{FCC6148C-0F8F-4704-9248-599C56274212}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A21260B1-2366-4C48-9BD7-73F60185429F}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5980A259-2D0B-4464-A62B-EDFB8BCD8E1A}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3F05D33F-1CB2-4A2B-BF44-2D6A54CE58D8}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{40357622-4CDA-4982-85A9-0924B7036C72}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{AD770DCA-CA6B-44E2-8347-5EF11394E93A}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{2B7F8145-91DC-49AA-BFE6-7CD894B9C053}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{3AE09DEC-5873-4FA7-9E55-819D8773AD00}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{678EE611-8A3C-4716-8608-365FF638CB98}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{49AD51AE-47CC-4FCA-AEF0-E4980BBB02AD}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{07600EED-618F-405B-83A2-401EC86B0258}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{71AC4F25-4025-4CD2-B675-0BB5A669340A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BAA4A271-5CEF-4DF1-88AB-84554F889480}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12883DBB-A986-4E61-BCD9-904460E2EDBC}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{7BB7171E-275C-4A16-AD32-251F95766752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{84CEF928-C8CA-4FE9-81AC-F030092BE4F3}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{A959B973-1616-4821-8648-6648F9B9C88D}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{153234FE-55FF-4B21-B15A-1060C895832F}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{5421331D-8009-49D5-BF36-B162F42F012C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{38731E9A-1B8E-4ABC-9704-E5228045151D}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{4B9F2722-ED70-42E5-94D7-38A3134BBCEB}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{8353B975-45EE-4A25-A62A-4A1D7BF8171F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BE350B53-3B1B-4F7F-81EF-6404815BD5FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{41D16874-03E3-4F8F-B782-48359C851559}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6816F2C2-16CE-4941-9AED-D3AA4A48FC43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BC950947-88A0-4867-9A28-5CD6E73895F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{240F29D4-4633-472C-9106-8EDCE0F19CDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{665D62D4-6BAA-4A2B-8060-494074669DC8}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{3F3EB211-F12D-4273-8908-A1C217FD9C0C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{58603FFA-13C9-4C94-AB40-4C3A8057431E}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{B1E5FFDA-F30A-4EFE-A49F-5898D7F59FE5}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{E76A9D1A-2B08-4146-8E8B-479F49FE12BF}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{318690D5-33ED-4041-BB60-8F57E2EDB6B2}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{DCD0139A-F67A-431C-A988-C4FE9378D7EB}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{400DBCF0-4097-44ED-A4E9-D33CE848C4FC}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{0B44C3D0-DF47-41CA-8437-6094FD4E26B5}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [TCP Query User{D132AC5F-8263-4633-8357-FD85E49CBD8D}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [UDP Query User{F6D5BE04-57CD-4E78-BDF6-FF054CBD3520}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A9F9D9DF-ECB3-439C-968F-A24B1DDADCCF}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{7C72DC4E-4D1A-4CB6-AAA3-5F2E65F25D33}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A288564D-2987-496C-BF68-A2F57263E8F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{320DEA70-B918-4645-B3F1-9BB528F5733A}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AE70FC3C-8C1D-489B-A052-5F37DD3C77DB}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{EB1717CF-76F7-42D0-9DC7-120E9A03A28D}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{D499C005-B9ED-4292-A84B-CCB611A7DF8E}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{157F83A7-AA37-4213-B1E2-55DDD7FC8E01}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2794423D-4DE3-48E1-A336-0751C3A70EE8}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6713182E-3829-493F-911B-430C9142A079}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [UDP Query User{93C4FB1B-388D-444A-9F7E-65E58FAF563C}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{02804247-6D60-4DD4-9245-40E93EADD60F}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{E4E45934-4172-4B3E-887E-0423F9262259}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{C8BBE54A-C10F-4259-AA49-890DC535062F}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{F3E7E183-8A7B-4B62-A669-EE9677F12E05}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{B032E1F6-9C50-4FC1-860C-F8052A44ADFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0038F24F-6388-4720-AEF3-E9EE6FB8D455}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73BEBA49-DB73-477A-B0D5-CA0F27364DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A2A7DB1D-D762-465F-9FDC-76CD74628DBC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3DD750CF-8954-4130-BE61-5F59B0945CAB}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1C84F5A1-FF5A-4693-9BAA-D282AEC77CE1}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1E9C6C22-526E-4051-AC1A-09C3294D46B4}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{94085C37-76C4-48D8-8BEB-33CD07094E33}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{A4357C21-47A6-435A-9B2D-EDF91DA34842}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{A6D98CFE-B9EC-45D3-9D6B-09E2E91788F2}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{28E135A7-BF31-420A-BE30-A3BDC7CCD8BC}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{8A5146BD-4430-459C-B54B-B50BDE4B72E5}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{5EFD41A9-6CA9-412C-9F8E-2B655E362D97}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{D270705D-94A4-4019-A5C5-3C5E5DD92753}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{33B89147-AF5A-44BF-86E1-5E04CD8B642E}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1FE4459A-19C4-4639-9510-EBF7E590EF08}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{D58D67FD-46AF-477D-BA2C-4BE69A3DD8A8}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0FCBC00F-3737-4C1F-8BDA-2DECA6F7FCB2}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0BCE6888-FB4E-4A52-B377-C4750B8EB6A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{B8BBA82C-C8C0-4D82-B0B5-93090AE1D7A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{8F904627-E678-43B5-84D5-303E3738AF54}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C7331155-86D3-4EF0-B339-F480A21D5C67}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{122DF90B-9295-488B-8E89-0CD93AA428FF}] => (Allow) LPort=49185
FirewallRules: [{8F6B0B3F-6D60-425E-A52F-1A58E9AD9DF1}] => (Allow) LPort=5000
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/24/2015 07:44:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2015 11:05:08 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (09/23/2015 10:59:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (09/23/2015 01:44:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 6.3.F.6.A.6.B.6.9.C.B.F.0.D.D.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR nunuc-PC-2.local.
Error: (09/23/2015 01:44:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353 16 6.3.F.6.A.6.B.6.9.C.B.F.0.D.D.6.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR nunuc-PC.local.
Error: (09/23/2015 01:44:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 100.2.168.192.in-addr.arpa. PTR nunuc-PC-2.local.
Error: (09/23/2015 01:44:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.100:5353 16 100.2.168.192.in-addr.arpa. PTR nunuc-PC.local.
Error: (09/23/2015 01:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR nunuc-PC-2.local.
Error: (09/23/2015 01:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 0000:0000:0000:0000:0000:0000:0000:0001:5353 16 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa. PTR nunuc-PC.local.
Error: (09/23/2015 01:44:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 222.123.254.169.in-addr.arpa. PTR nunuc-PC-2.local.
Systemfehler:
=============
Error: (09/23/2015 09:00:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/23/2015 09:00:23 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/23/2015 09:00:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/23/2015 09:00:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/23/2015 09:00:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/23/2015 09:00:22 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/23/2015 08:58:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/23/2015 08:58:46 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/23/2015 08:58:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/23/2015 08:58:45 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
CodeIntegrity:
===================================
Date: 2015-03-25 10:06:54.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:54.658
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.800
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.777
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.374
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.349
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.558
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:22.542
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:22.516
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 12279.11 MB
Verfügbarer physikalischer RAM: 8101.2 MB
Summe virtueller Speicher: 24556.43 MB
Verfügbarer virtueller Speicher: 19859.7 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:28.92 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: () (Fixed) (Total:488.28 GB) (Free:45.23 GB) NTFS
Drive f: () (Fixed) (Total:244.14 GB) (Free:244.04 GB) NTFS
Drive g: () (Fixed) (Total:518.26 GB) (Free:32.11 GB) NTFS
Drive i: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive j: (32 Bit Windows) (Fixed) (Total:146.48 GB) (Free:146.35 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E1D5A341)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 11E3F74A)
Partition 1: (Not Active) - (Size=878.9 GB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=518.3 GB) - (Type=42)
==================== Ende von Addition.txt ============================
|
|
24.09.2015, 08:18
| #2 |
| /// the machine /// TB-Ausbilder    | Telekom Mail versendet Spam - Delivery Status Notification erhalten hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
24.09.2015, 09:09
| #3 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Beide Programme nach Anleitung ausgeführt und beide ohne einen Fund.
__________________Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.09.24.02
rootkit: v2015.09.22.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
nunuc :: NUNUC-PC [administrator]
24.09.2015 09:53:59
mbar-log-2015-09-24 (09-53-59).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 383649
Time elapsed: 11 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 10:06:08.0157 0x22bc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
10:06:11.0016 0x22bc ============================================================
10:06:11.0016 0x22bc Current date / time: 2015/09/24 10:06:11.0016
10:06:11.0016 0x22bc SystemInfo:
10:06:11.0016 0x22bc
10:06:11.0016 0x22bc OS Version: 6.1.7601 ServicePack: 1.0
10:06:11.0016 0x22bc Product type: Workstation
10:06:11.0016 0x22bc ComputerName: NUNUC-PC
10:06:11.0017 0x22bc UserName: nunuc
10:06:11.0017 0x22bc Windows directory: C:\Windows
10:06:11.0017 0x22bc System windows directory: C:\Windows
10:06:11.0017 0x22bc Running under WOW64
10:06:11.0017 0x22bc Processor architecture: Intel x64
10:06:11.0017 0x22bc Number of processors: 8
10:06:11.0017 0x22bc Page size: 0x1000
10:06:11.0017 0x22bc Boot type: Normal boot
10:06:11.0017 0x22bc ============================================================
10:06:11.0325 0x22bc KLMD registered as C:\Windows\system32\drivers\10097641.sys
10:06:11.0421 0x22bc System UUID: {4AC7BCA2-A615-8145-7C5C-3520F01CCCD6}
10:06:11.0690 0x22bc Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:06:11.0716 0x22bc Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:06:11.0720 0x22bc ============================================================
10:06:11.0720 0x22bc \Device\Harddisk0\DR0:
10:06:11.0720 0x22bc MBR partitions:
10:06:11.0720 0x22bc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:06:11.0720 0x22bc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
10:06:11.0720 0x22bc \Device\Harddisk1\DR1:
10:06:11.0721 0x22bc MBR partitions:
10:06:11.0721 0x22bc ============================================================
10:06:11.0721 0x22bc C: <-> \Device\Harddisk0\DR0\Partition2
10:06:11.0723 0x22bc D: <-> \Device\Harddisk0\DR0\Partition1
10:06:11.0723 0x22bc ============================================================
10:06:11.0723 0x22bc Initialize success
10:06:11.0723 0x22bc ============================================================
10:06:53.0206 0x238c ============================================================
10:06:53.0206 0x238c Scan started
10:06:53.0206 0x238c Mode: Manual; SigCheck; TDLFS;
10:06:53.0206 0x238c ============================================================
10:06:53.0206 0x238c KSN ping started
10:06:55.0942 0x238c KSN ping finished: true
10:06:56.0549 0x238c ================ Scan system memory ========================
10:06:56.0549 0x238c System memory - ok
10:06:56.0549 0x238c ================ Scan services =============================
10:06:56.0581 0x238c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
10:06:56.0625 0x238c 1394ohci - ok
10:06:56.0637 0x238c [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
10:06:56.0647 0x238c AAV UpdateService - ok
10:06:56.0660 0x238c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:06:56.0675 0x238c ACPI - ok
10:06:56.0679 0x238c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:06:56.0702 0x238c AcpiPmi - ok
10:06:56.0706 0x238c [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:06:56.0715 0x238c AdobeARMservice - ok
10:06:56.0737 0x238c [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:06:56.0749 0x238c AdobeFlashPlayerUpdateSvc - ok
10:06:56.0773 0x238c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:06:56.0791 0x238c adp94xx - ok
10:06:56.0809 0x238c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:06:56.0825 0x238c adpahci - ok
10:06:56.0835 0x238c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:06:56.0847 0x238c adpu320 - ok
10:06:56.0853 0x238c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:06:56.0865 0x238c AeLookupSvc - ok
10:06:56.0879 0x238c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
10:06:56.0900 0x238c AFD - ok
10:06:56.0907 0x238c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:06:56.0917 0x238c agp440 - ok
10:06:56.0922 0x238c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:06:56.0938 0x238c ALG - ok
10:06:56.0942 0x238c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:06:56.0951 0x238c aliide - ok
10:06:56.0955 0x238c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:06:56.0964 0x238c amdide - ok
10:06:56.0970 0x238c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:06:56.0982 0x238c AmdK8 - ok
10:06:56.0987 0x238c [ 6ED151E48EE0F594767D440BD3204598, 10DB6C45DBC2EA8203DACEE2A98BC47548A0338A298838747CA86E9D282C45BC ] amdkmpfd C:\Windows\system32\DRIVERS\amdkmpfd.sys
10:06:56.0999 0x238c amdkmpfd - ok
10:06:57.0004 0x238c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:06:57.0016 0x238c AmdPPM - ok
10:06:57.0022 0x238c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:06:57.0033 0x238c amdsata - ok
10:06:57.0042 0x238c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:06:57.0054 0x238c amdsbs - ok
10:06:57.0058 0x238c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:06:57.0067 0x238c amdxata - ok
10:06:57.0094 0x238c [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
10:06:57.0120 0x238c AntiVirMailService - ok
10:06:57.0133 0x238c [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
10:06:57.0151 0x238c AntiVirSchedulerService - ok
10:06:57.0164 0x238c [ E20B4F23EB153635D67944F63454EC84, FEE76A74767CDB33415C64F08AE1FF248F505AF22C1F1BA1EBB5CC6A75E3926F ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
10:06:57.0182 0x238c AntiVirService - ok
10:06:57.0210 0x238c [ D9A8EE3F4A1E604B9315B34A5AA4569E, 287BA8FA1949646E03D39F36F50C016251358A8A454EE19D249E76A723F1455E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
10:06:57.0242 0x238c AntiVirWebService - ok
10:06:57.0248 0x238c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
10:06:57.0261 0x238c AppID - ok
10:06:57.0265 0x238c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:06:57.0275 0x238c AppIDSvc - ok
10:06:57.0279 0x238c [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
10:06:57.0291 0x238c Appinfo - ok
10:06:57.0298 0x238c [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:06:57.0306 0x238c Apple Mobile Device Service - ok
10:06:57.0314 0x238c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
10:06:57.0327 0x238c AppMgmt - ok
10:06:57.0333 0x238c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
10:06:57.0343 0x238c arc - ok
10:06:57.0349 0x238c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:06:57.0360 0x238c arcsas - ok
10:06:57.0373 0x238c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:06:57.0385 0x238c aspnet_state - ok
10:06:57.0389 0x238c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:06:57.0467 0x238c AsyncMac - ok
10:06:57.0472 0x238c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:06:57.0481 0x238c atapi - ok
10:06:57.0519 0x238c [ 7D89B0C443F6068E5B27AA3B972069FF, 34CBB7D44D060F1D614BCA1357C8A260A002C21E67D33E819F57815AC400CCBD ] athr C:\Windows\system32\DRIVERS\athrx.sys
10:06:57.0559 0x238c athr - ok
10:06:57.0583 0x238c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:06:57.0607 0x238c AudioEndpointBuilder - ok
10:06:57.0629 0x238c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:06:57.0651 0x238c AudioSrv - ok
10:06:57.0658 0x238c [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
10:06:57.0670 0x238c avgntflt - ok
10:06:57.0677 0x238c [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
10:06:57.0689 0x238c avipbb - ok
10:06:57.0697 0x238c [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
10:06:57.0710 0x238c Avira.ServiceHost - ok
10:06:57.0714 0x238c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
10:06:57.0722 0x238c avkmgr - ok
10:06:57.0726 0x238c [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
10:06:57.0735 0x238c avnetflt - ok
10:06:57.0742 0x238c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:06:57.0769 0x238c AxInstSV - ok
10:06:57.0791 0x238c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:06:57.0813 0x238c b06bdrv - ok
10:06:57.0827 0x238c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:06:57.0846 0x238c b57nd60a - ok
10:06:57.0855 0x238c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:06:57.0867 0x238c BDESVC - ok
10:06:57.0870 0x238c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:06:57.0897 0x238c Beep - ok
10:06:57.0921 0x238c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:06:57.0949 0x238c BFE - ok
10:06:57.0974 0x238c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:06:58.0063 0x238c BITS - ok
10:06:58.0068 0x238c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:06:58.0084 0x238c blbdrive - ok
10:06:58.0099 0x238c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:06:58.0114 0x238c Bonjour Service - ok
10:06:58.0119 0x238c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:06:58.0131 0x238c bowser - ok
10:06:58.0134 0x238c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:06:58.0145 0x238c BrFiltLo - ok
10:06:58.0149 0x238c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:06:58.0160 0x238c BrFiltUp - ok
10:06:58.0167 0x238c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] Bridge C:\Windows\system32\DRIVERS\bridge.sys
10:06:58.0195 0x238c Bridge - ok
10:06:58.0201 0x238c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:06:58.0227 0x238c BridgeMP - ok
10:06:58.0236 0x238c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:06:58.0250 0x238c Browser - ok
10:06:58.0263 0x238c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:06:58.0283 0x238c Brserid - ok
10:06:58.0289 0x238c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:06:58.0303 0x238c BrSerWdm - ok
10:06:58.0307 0x238c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:06:58.0320 0x238c BrUsbMdm - ok
10:06:58.0323 0x238c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:06:58.0333 0x238c BrUsbSer - ok
10:06:58.0348 0x238c [ 910B5BF2353D5D982D2F6B8F6454A00A, E27A0E9EDF50A935E83F4D5BD86C9B9B297F1B8193AFB7C28313B28B5A4B27A5 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
10:06:58.0363 0x238c BstHdAndroidSvc - ok
10:06:58.0368 0x238c [ 6A4D927BDEE8D9944FAA0012AF7AD232, F0B8642FB02628899CCE526A59A18E0A89456AA2385E82CD97B25CFC64C0E92E ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
10:06:58.0378 0x238c BstHdDrv - ok
10:06:58.0391 0x238c [ 95B960980034877821E7FB5BFE25136E, 64EA26E9E94767C9EBEEF26FEEAA3176BB7787785F5F20CB8BBB4C75F45AAAA1 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
10:06:58.0407 0x238c BstHdLogRotatorSvc - ok
10:06:58.0428 0x238c [ 5EBFF8D302047F4709F3A4F1231236E9, 84010BB25C4C029C03C98853E8AC75F103D1F34922B0643ECD758CE21E7DE4A6 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
10:06:58.0454 0x238c BstHdUpdaterSvc - ok
10:06:58.0459 0x238c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:06:58.0473 0x238c BTHMODEM - ok
10:06:58.0479 0x238c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:06:58.0506 0x238c bthserv - ok
10:06:58.0515 0x238c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:06:58.0543 0x238c cdfs - ok
10:06:58.0550 0x238c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:06:58.0563 0x238c cdrom - ok
10:06:58.0568 0x238c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:06:58.0596 0x238c CertPropSvc - ok
10:06:58.0603 0x238c CFCOGJUTSSHKETKV - ok
10:06:58.0607 0x238c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:06:58.0620 0x238c circlass - ok
10:06:58.0632 0x238c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:06:58.0649 0x238c CLFS - ok
10:06:58.0656 0x238c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:06:58.0666 0x238c clr_optimization_v2.0.50727_32 - ok
10:06:58.0674 0x238c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:06:58.0685 0x238c clr_optimization_v2.0.50727_64 - ok
10:06:58.0696 0x238c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:06:58.0709 0x238c clr_optimization_v4.0.30319_32 - ok
10:06:58.0716 0x238c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:06:58.0730 0x238c clr_optimization_v4.0.30319_64 - ok
10:06:58.0733 0x238c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:06:58.0743 0x238c CmBatt - ok
10:06:58.0747 0x238c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:06:58.0756 0x238c cmdide - ok
10:06:58.0771 0x238c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
10:06:58.0795 0x238c CNG - ok
10:06:58.0799 0x238c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:06:58.0808 0x238c Compbatt - ok
10:06:58.0812 0x238c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:06:58.0825 0x238c CompositeBus - ok
10:06:58.0828 0x238c COMSysApp - ok
10:06:58.0832 0x238c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:06:58.0840 0x238c crcdisk - ok
10:06:58.0848 0x238c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:06:58.0863 0x238c CryptSvc - ok
10:06:58.0882 0x238c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
10:06:58.0901 0x238c CSC - ok
10:06:58.0932 0x238c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
10:06:58.0957 0x238c CscService - ok
10:06:58.0974 0x238c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:06:59.0008 0x238c DcomLaunch - ok
10:06:59.0019 0x238c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:06:59.0049 0x238c defragsvc - ok
10:06:59.0133 0x238c [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
10:06:59.0215 0x238c DevoloNetworkService - ok
10:06:59.0224 0x238c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:06:59.0249 0x238c DfsC - ok
10:06:59.0263 0x238c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:06:59.0280 0x238c Dhcp - ok
10:06:59.0310 0x238c [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
10:06:59.0347 0x238c DiagTrack - ok
10:06:59.0354 0x238c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:06:59.0380 0x238c discache - ok
10:06:59.0384 0x238c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
10:06:59.0393 0x238c Disk - ok
10:06:59.0398 0x238c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
10:06:59.0409 0x238c dmvsc - ok
10:06:59.0416 0x238c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:06:59.0432 0x238c Dnscache - ok
10:06:59.0443 0x238c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:06:59.0473 0x238c dot3svc - ok
10:06:59.0480 0x238c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:06:59.0507 0x238c DPS - ok
10:06:59.0510 0x238c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:06:59.0520 0x238c drmkaud - ok
10:06:59.0558 0x238c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:06:59.0585 0x238c DXGKrnl - ok
10:06:59.0589 0x238c EagleX64 - ok
10:06:59.0594 0x238c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:06:59.0622 0x238c EapHost - ok
10:06:59.0625 0x238c EasyAntiCheat - ok
10:06:59.0744 0x238c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:06:59.0837 0x238c ebdrv - ok
10:06:59.0844 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
10:06:59.0856 0x238c EFS - ok
10:06:59.0884 0x238c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:06:59.0912 0x238c ehRecvr - ok
10:06:59.0918 0x238c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:06:59.0932 0x238c ehSched - ok
10:06:59.0936 0x238c [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
10:06:59.0945 0x238c ElbyCDIO - ok
10:06:59.0965 0x238c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:06:59.0984 0x238c elxstor - ok
10:06:59.0987 0x238c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:06:59.0997 0x238c ErrDev - ok
10:07:00.0016 0x238c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:07:00.0051 0x238c EventSystem - ok
10:07:00.0061 0x238c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:07:00.0095 0x238c exfat - ok
10:07:00.0105 0x238c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:07:00.0136 0x238c fastfat - ok
10:07:00.0164 0x238c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:07:00.0189 0x238c Fax - ok
10:07:00.0193 0x238c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:07:00.0203 0x238c fdc - ok
10:07:00.0208 0x238c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:07:00.0235 0x238c fdPHost - ok
10:07:00.0239 0x238c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:07:00.0265 0x238c FDResPub - ok
10:07:00.0269 0x238c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:07:00.0279 0x238c FileInfo - ok
10:07:00.0282 0x238c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:07:00.0307 0x238c Filetrace - ok
10:07:00.0311 0x238c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:07:00.0322 0x238c flpydisk - ok
10:07:00.0333 0x238c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:07:00.0347 0x238c FltMgr - ok
10:07:00.0381 0x238c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
10:07:00.0415 0x238c FontCache - ok
10:07:00.0421 0x238c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:07:00.0429 0x238c FontCache3.0.0.0 - ok
10:07:00.0433 0x238c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:07:00.0443 0x238c FsDepends - ok
10:07:00.0447 0x238c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:07:00.0456 0x238c Fs_Rec - ok
10:07:00.0465 0x238c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:07:00.0480 0x238c fvevol - ok
10:07:00.0486 0x238c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:07:00.0495 0x238c gagp30kx - ok
10:07:00.0499 0x238c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:07:00.0506 0x238c GEARAspiWDM - ok
10:07:00.0532 0x238c [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
10:07:00.0561 0x238c GfExperienceService - ok
10:07:00.0593 0x238c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:07:00.0631 0x238c gpsvc - ok
10:07:00.0637 0x238c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:07:00.0647 0x238c hcw85cir - ok
10:07:00.0659 0x238c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:07:00.0678 0x238c HdAudAddService - ok
10:07:00.0684 0x238c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:07:00.0698 0x238c HDAudBus - ok
10:07:00.0702 0x238c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:07:00.0712 0x238c HidBatt - ok
10:07:00.0720 0x238c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:07:00.0734 0x238c HidBth - ok
10:07:00.0739 0x238c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:07:00.0753 0x238c HidIr - ok
10:07:00.0758 0x238c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:07:00.0784 0x238c hidserv - ok
10:07:00.0788 0x238c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:07:00.0799 0x238c HidUsb - ok
10:07:00.0805 0x238c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:07:00.0834 0x238c hkmsvc - ok
10:07:00.0844 0x238c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:07:00.0860 0x238c HomeGroupListener - ok
10:07:00.0868 0x238c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:07:00.0883 0x238c HomeGroupProvider - ok
10:07:00.0889 0x238c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:07:00.0898 0x238c HpSAMD - ok
10:07:00.0919 0x238c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:07:00.0945 0x238c HTTP - ok
10:07:00.0965 0x238c [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
10:07:00.0974 0x238c HWiNFO32 - ok
10:07:00.0977 0x238c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:07:00.0987 0x238c hwpolicy - ok
10:07:00.0996 0x238c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:07:01.0008 0x238c i8042prt - ok
10:07:01.0029 0x238c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
10:07:01.0051 0x238c iaStorA - ok
10:07:01.0056 0x238c [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
10:07:01.0063 0x238c iaStorF - ok
10:07:01.0078 0x238c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:07:01.0093 0x238c iaStorV - ok
10:07:01.0117 0x238c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:07:01.0142 0x238c idsvc - ok
10:07:01.0145 0x238c IEEtwCollectorService - ok
10:07:01.0150 0x238c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:07:01.0160 0x238c iirsp - ok
10:07:01.0186 0x238c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:07:01.0213 0x238c IKEEXT - ok
10:07:01.0325 0x238c [ FEE5C21569883B2BDC655FC875CCBA21, 273C017155DB92AC3408E9A1DF5D8A4BCFFED6C3C6C2474E883E6905DFABDCFC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:07:01.0418 0x238c IntcAzAudAddService - ok
10:07:01.0427 0x238c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:07:01.0435 0x238c intelide - ok
10:07:01.0440 0x238c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:07:01.0451 0x238c intelppm - ok
10:07:01.0458 0x238c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:07:01.0487 0x238c IPBusEnum - ok
10:07:01.0494 0x238c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:07:01.0520 0x238c IpFilterDriver - ok
10:07:01.0537 0x238c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:07:01.0560 0x238c iphlpsvc - ok
10:07:01.0567 0x238c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:07:01.0579 0x238c IPMIDRV - ok
10:07:01.0586 0x238c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:07:01.0614 0x238c IPNAT - ok
10:07:01.0630 0x238c [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:07:01.0649 0x238c iPod Service - ok
10:07:01.0653 0x238c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:07:01.0666 0x238c IRENUM - ok
10:07:01.0669 0x238c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:07:01.0678 0x238c isapnp - ok
10:07:01.0688 0x238c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:07:01.0701 0x238c iScsiPrt - ok
10:07:01.0705 0x238c [ 6E76CFA02D7EBE9DBB5E8C60CC23CAA1, F847164478ADB09EC1335359937CAB1FBBF649AD1D52CF4CEF931388C07A9D0C ] JmUsbCcgp C:\Windows\system32\DRIVERS\jmccgp.sys
10:07:01.0712 0x238c JmUsbCcgp - ok
10:07:01.0718 0x238c [ 50DE7DD7EDB1B512B13666588AEFBF6F, 47FFBA2CA40718614C5A43C2D231B46C22E96221B9EFD8BD4C2D355412811DF4 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
10:07:01.0727 0x238c JRAID - ok
10:07:01.0732 0x238c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:07:01.0741 0x238c kbdclass - ok
10:07:01.0745 0x238c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:07:01.0756 0x238c kbdhid - ok
10:07:01.0760 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
10:07:01.0771 0x238c KeyIso - ok
10:07:01.0776 0x238c [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:07:01.0786 0x238c KSecDD - ok
10:07:01.0793 0x238c [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:07:01.0805 0x238c KSecPkg - ok
10:07:01.0810 0x238c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:07:01.0837 0x238c ksthunk - ok
10:07:01.0855 0x238c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:07:01.0888 0x238c KtmRm - ok
10:07:01.0898 0x238c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:07:01.0928 0x238c LanmanServer - ok
10:07:01.0934 0x238c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:07:01.0963 0x238c LanmanWorkstation - ok
10:07:01.0967 0x238c [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
10:07:01.0974 0x238c LGBusEnum - ok
10:07:01.0978 0x238c [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
10:07:01.0985 0x238c LGVirHid - ok
10:07:01.0988 0x238c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:07:02.0014 0x238c lltdio - ok
10:07:02.0030 0x238c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:07:02.0060 0x238c lltdsvc - ok
10:07:02.0065 0x238c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:07:02.0090 0x238c lmhosts - ok
10:07:02.0097 0x238c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:07:02.0107 0x238c LSI_FC - ok
10:07:02.0112 0x238c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:07:02.0122 0x238c LSI_SAS - ok
10:07:02.0127 0x238c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:07:02.0137 0x238c LSI_SAS2 - ok
10:07:02.0144 0x238c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:07:02.0154 0x238c LSI_SCSI - ok
10:07:02.0160 0x238c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:07:02.0186 0x238c luafv - ok
10:07:02.0190 0x238c [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
10:07:02.0198 0x238c MBAMProtector - ok
10:07:02.0225 0x238c [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
10:07:02.0254 0x238c MBAMService - ok
10:07:02.0259 0x238c [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
10:07:02.0267 0x238c MBAMWebAccessControl - ok
10:07:02.0271 0x238c [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
10:07:02.0278 0x238c MBfilt - ok
10:07:02.0283 0x238c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:07:02.0295 0x238c Mcx2Svc - ok
10:07:02.0299 0x238c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
10:07:02.0308 0x238c megasas - ok
10:07:02.0320 0x238c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:07:02.0334 0x238c MegaSR - ok
10:07:02.0340 0x238c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:07:02.0367 0x238c MMCSS - ok
10:07:02.0372 0x238c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:07:02.0398 0x238c Modem - ok
10:07:02.0402 0x238c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:07:02.0415 0x238c monitor - ok
10:07:02.0418 0x238c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:07:02.0427 0x238c mouclass - ok
10:07:02.0432 0x238c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:07:02.0442 0x238c mouhid - ok
10:07:02.0449 0x238c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:07:02.0460 0x238c mountmgr - ok
10:07:02.0466 0x238c [ 090EA48109E3CEC6229777C308184D81, DA9A66766998658F68C64607158571CEF526F3F49BD07D71C7DD54F778B14CF8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:07:02.0478 0x238c MozillaMaintenance - ok
10:07:02.0487 0x238c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:07:02.0498 0x238c mpio - ok
10:07:02.0502 0x238c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:07:02.0528 0x238c mpsdrv - ok
10:07:02.0558 0x238c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:07:02.0603 0x238c MpsSvc - ok
10:07:02.0612 0x238c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:07:02.0626 0x238c MRxDAV - ok
10:07:02.0632 0x238c [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:07:02.0646 0x238c mrxsmb - ok
10:07:02.0655 0x238c [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:07:02.0672 0x238c mrxsmb10 - ok
10:07:02.0678 0x238c [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:07:02.0691 0x238c mrxsmb20 - ok
10:07:02.0695 0x238c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:07:02.0704 0x238c msahci - ok
10:07:02.0711 0x238c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:07:02.0722 0x238c msdsm - ok
10:07:02.0728 0x238c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:07:02.0741 0x238c MSDTC - ok
10:07:02.0747 0x238c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:07:02.0772 0x238c Msfs - ok
10:07:02.0775 0x238c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:07:02.0801 0x238c mshidkmdf - ok
10:07:02.0804 0x238c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:07:02.0813 0x238c msisadrv - ok
10:07:02.0823 0x238c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:07:02.0852 0x238c MSiSCSI - ok
10:07:02.0855 0x238c msiserver - ok
10:07:02.0858 0x238c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:07:02.0883 0x238c MSKSSRV - ok
10:07:02.0886 0x238c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:07:02.0911 0x238c MSPCLOCK - ok
10:07:02.0914 0x238c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:07:02.0942 0x238c MSPQM - ok
10:07:02.0955 0x238c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:07:02.0971 0x238c MsRPC - ok
10:07:02.0975 0x238c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:07:02.0984 0x238c mssmbios - ok
10:07:02.0987 0x238c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:07:03.0011 0x238c MSTEE - ok
10:07:03.0015 0x238c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:07:03.0025 0x238c MTConfig - ok
10:07:03.0029 0x238c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:07:03.0038 0x238c Mup - ok
10:07:03.0054 0x238c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:07:03.0090 0x238c napagent - ok
10:07:03.0107 0x238c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:07:03.0126 0x238c NativeWifiP - ok
10:07:03.0157 0x238c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:07:03.0183 0x238c NDIS - ok
10:07:03.0189 0x238c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:07:03.0214 0x238c NdisCap - ok
10:07:03.0217 0x238c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:07:03.0242 0x238c NdisTapi - ok
10:07:03.0247 0x238c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:07:03.0271 0x238c Ndisuio - ok
10:07:03.0278 0x238c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:07:03.0304 0x238c NdisWan - ok
10:07:03.0309 0x238c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:07:03.0336 0x238c NDProxy - ok
10:07:03.0339 0x238c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:07:03.0366 0x238c NetBIOS - ok
10:07:03.0376 0x238c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:07:03.0405 0x238c NetBT - ok
10:07:03.0409 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
10:07:03.0418 0x238c Netlogon - ok
10:07:03.0435 0x238c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:07:03.0469 0x238c Netman - ok
10:07:03.0479 0x238c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:03.0495 0x238c NetMsmqActivator - ok
10:07:03.0500 0x238c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:03.0513 0x238c NetPipeActivator - ok
10:07:03.0533 0x238c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:07:03.0575 0x238c netprofm - ok
10:07:03.0580 0x238c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:03.0593 0x238c NetTcpActivator - ok
10:07:03.0598 0x238c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:07:03.0611 0x238c NetTcpPortSharing - ok
10:07:03.0615 0x238c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:07:03.0624 0x238c nfrd960 - ok
10:07:03.0635 0x238c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:07:03.0651 0x238c NlaSvc - ok
10:07:03.0655 0x238c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:07:03.0680 0x238c Npfs - ok
10:07:03.0684 0x238c [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo C:\Windows\sysWOW64\drivers\npf_devolo.sys
10:07:03.0692 0x238c NPF_devolo - ok
10:07:03.0694 0x238c npggsvc - ok
10:07:03.0698 0x238c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:07:03.0724 0x238c nsi - ok
10:07:03.0728 0x238c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:07:03.0753 0x238c nsiproxy - ok
10:07:03.0795 0x238c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:07:03.0835 0x238c Ntfs - ok
10:07:03.0840 0x238c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:07:03.0866 0x238c Null - ok
10:07:03.0871 0x238c [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
10:07:03.0882 0x238c nusb3hub - ok
10:07:03.0891 0x238c [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
10:07:03.0902 0x238c nusb3xhc - ok
10:07:03.0909 0x238c [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
10:07:03.0921 0x238c NVHDA - ok
10:07:04.0209 0x238c [ 23860E0BE05DF15970B9C0A141076080, 79DFB92E872AE108FFD47C577F96099C8FB03BA61A491B0CF3A5C8A2F3CAD17F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:07:04.0428 0x238c nvlddmkm - ok
10:07:04.0480 0x238c [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
10:07:04.0524 0x238c NvNetworkService - ok
10:07:04.0532 0x238c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:07:04.0544 0x238c nvraid - ok
10:07:04.0551 0x238c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:07:04.0562 0x238c nvstor - ok
10:07:04.0566 0x238c [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
10:07:04.0573 0x238c NvStreamKms - ok
10:07:04.0699 0x238c [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
10:07:04.0811 0x238c NvStreamSvc - ok
10:07:04.0839 0x238c [ F4D36838C25AB847D1A759150B5E992F, AB7BB99A90112F559AD4B4D33F53FFC2DBC7B1E85FCED90A9FCCA694A0BD9934 ] nvsvc C:\Windows\system32\nvvsvc.exe
10:07:04.0865 0x238c nvsvc - ok
10:07:04.0870 0x238c [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
10:07:04.0880 0x238c nvvad_WaveExtensible - ok
10:07:04.0888 0x238c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:07:04.0900 0x238c nv_agp - ok
10:07:04.0905 0x238c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:07:04.0917 0x238c ohci1394 - ok
10:07:04.0919 0x238c Origin Client Service - ok
10:07:04.0934 0x238c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:07:04.0953 0x238c p2pimsvc - ok
10:07:04.0967 0x238c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:07:04.0988 0x238c p2psvc - ok
10:07:04.0994 0x238c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
10:07:05.0008 0x238c Parport - ok
10:07:05.0013 0x238c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:07:05.0023 0x238c partmgr - ok
10:07:05.0031 0x238c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:07:05.0048 0x238c PcaSvc - ok
10:07:05.0055 0x238c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:07:05.0068 0x238c pci - ok
10:07:05.0071 0x238c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:07:05.0081 0x238c pciide - ok
10:07:05.0092 0x238c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:07:05.0105 0x238c pcmcia - ok
10:07:05.0109 0x238c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:07:05.0119 0x238c pcw - ok
10:07:05.0164 0x238c [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
10:07:05.0205 0x238c PDF Architect 2 - ok
10:07:05.0229 0x238c [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
10:07:05.0253 0x238c pdfforge CrashHandler - ok
10:07:05.0277 0x238c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:07:05.0301 0x238c PEAUTH - ok
10:07:05.0352 0x238c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:07:05.0391 0x238c PeerDistSvc - ok
10:07:05.0397 0x238c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:07:05.0408 0x238c PerfHost - ok
10:07:05.0454 0x238c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:07:05.0507 0x238c pla - ok
10:07:05.0524 0x238c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:07:05.0544 0x238c PlugPlay - ok
10:07:05.0549 0x238c [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
10:07:05.0558 0x238c PnkBstrA - ok
10:07:05.0561 0x238c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:07:05.0572 0x238c PNRPAutoReg - ok
10:07:05.0585 0x238c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:07:05.0602 0x238c PNRPsvc - ok
10:07:05.0624 0x238c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:07:05.0659 0x238c PolicyAgent - ok
10:07:05.0668 0x238c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:07:05.0696 0x238c Power - ok
10:07:05.0702 0x238c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:07:05.0730 0x238c PptpMiniport - ok
10:07:05.0735 0x238c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
10:07:05.0748 0x238c Processor - ok
10:07:05.0757 0x238c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:07:05.0772 0x238c ProfSvc - ok
10:07:05.0775 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
10:07:05.0786 0x238c ProtectedStorage - ok
10:07:05.0792 0x238c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:07:05.0819 0x238c Psched - ok
10:07:05.0873 0x238c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:07:05.0910 0x238c ql2300 - ok
10:07:05.0919 0x238c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:07:05.0930 0x238c ql40xx - ok
10:07:05.0940 0x238c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:07:05.0958 0x238c QWAVE - ok
10:07:05.0961 0x238c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:07:05.0975 0x238c QWAVEdrv - ok
10:07:05.0979 0x238c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:07:06.0003 0x238c RasAcd - ok
10:07:06.0007 0x238c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:07:06.0033 0x238c RasAgileVpn - ok
10:07:06.0039 0x238c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:07:06.0067 0x238c RasAuto - ok
10:07:06.0072 0x238c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:07:06.0097 0x238c Rasl2tp - ok
10:07:06.0111 0x238c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:07:06.0142 0x238c RasMan - ok
10:07:06.0148 0x238c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:07:06.0176 0x238c RasPppoe - ok
10:07:06.0180 0x238c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:07:06.0206 0x238c RasSstp - ok
10:07:06.0214 0x238c [ 170C5DE900F60768C380ECD8A812512F, BFD085C32CF25E8261EF4BCFA5903A496785BCDA08037F4EB580BBDEDF42B656 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
10:07:06.0224 0x238c Razer Game Scanner Service - ok
10:07:06.0235 0x238c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:07:06.0266 0x238c rdbss - ok
10:07:06.0271 0x238c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:07:06.0284 0x238c rdpbus - ok
10:07:06.0287 0x238c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:07:06.0313 0x238c RDPCDD - ok
10:07:06.0324 0x238c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:07:06.0337 0x238c RDPDR - ok
10:07:06.0340 0x238c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:07:06.0365 0x238c RDPENCDD - ok
10:07:06.0369 0x238c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:07:06.0394 0x238c RDPREFMP - ok
10:07:06.0399 0x238c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:07:06.0412 0x238c RdpVideoMiniport - ok
10:07:06.0422 0x238c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:07:06.0436 0x238c RDPWD - ok
10:07:06.0444 0x238c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:07:06.0457 0x238c rdyboost - ok
10:07:06.0463 0x238c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:07:06.0491 0x238c RemoteAccess - ok
10:07:06.0498 0x238c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:07:06.0527 0x238c RemoteRegistry - ok
10:07:06.0532 0x238c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:07:06.0559 0x238c RpcEptMapper - ok
10:07:06.0563 0x238c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:07:06.0575 0x238c RpcLocator - ok
10:07:06.0593 0x238c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
10:07:06.0633 0x238c RpcSs - ok
10:07:06.0637 0x238c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:07:06.0665 0x238c rspndr - ok
10:07:06.0689 0x238c [ 7B486E26DCA97766F3617A395690E76A, DB27C4463BC10BCB6F16E731C897D1BC7A84C33305ABCE7E3F60279EFF28BB7B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:07:06.0714 0x238c RTL8167 - ok
10:07:06.0719 0x238c [ 0C90E6CEA576095888E779E5BD9DD060, 8A13A92D5A8E577E2B919CC879FA8CFA1FAD0A6BFF0CF4FCC59B8E74AB22A673 ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys
10:07:06.0727 0x238c rzpmgrk - ok
10:07:06.0733 0x238c [ 288471F132C7249F598032D03575F083, 9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C ] rzpnk C:\Windows\system32\drivers\rzpnk.sys
10:07:06.0742 0x238c rzpnk - ok
10:07:06.0746 0x238c [ ED82FB8A5330D728193644D7F136B865, D5D3DFD1934B6EF373C20A346D130EEFFB6B493045B6A89EA2EBDF45B05F5372 ] RZSURROUNDVADService C:\Windows\system32\drivers\RzSurroundVAD.sys
10:07:06.0753 0x238c RZSURROUNDVADService - ok
10:07:06.0847 0x238c [ B31066DAE502765D8F37F5C85DC1AF3D, 8FD105D51EC9D9FA04BAD0B12861B71F004C15453CC749E448B20EBA8C579632 ] RzSurroundVADStreamingService C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
10:07:06.0954 0x238c RzSurroundVADStreamingService - detected UnsignedFile.Multi.Generic ( 1 )
10:07:09.0656 0x238c Detect skipped due to KSN trusted
10:07:09.0657 0x238c RzSurroundVADStreamingService - ok
10:07:09.0667 0x238c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:07:09.0690 0x238c s3cap - ok
10:07:09.0696 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
10:07:09.0722 0x238c SamSs - ok
10:07:09.0727 0x238c SANDRA - ok
10:07:09.0734 0x238c SandraAgentSrv - ok
10:07:09.0747 0x238c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:07:09.0763 0x238c sbp2port - ok
10:07:09.0772 0x238c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:07:09.0802 0x238c SCardSvr - ok
10:07:09.0806 0x238c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:07:09.0831 0x238c scfilter - ok
10:07:09.0862 0x238c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:07:09.0908 0x238c Schedule - ok
10:07:09.0914 0x238c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:07:09.0940 0x238c SCPolicySvc - ok
10:07:09.0949 0x238c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:07:09.0962 0x238c SDRSVC - ok
10:07:09.0965 0x238c SDScannerService - ok
10:07:09.0968 0x238c SDUpdateService - ok
10:07:09.0972 0x238c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:07:09.0998 0x238c secdrv - ok
10:07:10.0001 0x238c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:07:10.0026 0x238c seclogon - ok
10:07:10.0031 0x238c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:07:10.0058 0x238c SENS - ok
10:07:10.0062 0x238c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:07:10.0073 0x238c SensrSvc - ok
10:07:10.0076 0x238c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:07:10.0086 0x238c Serenum - ok
10:07:10.0091 0x238c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:07:10.0103 0x238c Serial - ok
10:07:10.0107 0x238c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:07:10.0118 0x238c sermouse - ok
10:07:10.0128 0x238c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:07:10.0155 0x238c SessionEnv - ok
10:07:10.0158 0x238c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:07:10.0171 0x238c sffdisk - ok
10:07:10.0175 0x238c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:07:10.0187 0x238c sffp_mmc - ok
10:07:10.0190 0x238c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:07:10.0202 0x238c sffp_sd - ok
10:07:10.0206 0x238c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:07:10.0217 0x238c sfloppy - ok
10:07:10.0233 0x238c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:07:10.0264 0x238c SharedAccess - ok
10:07:10.0278 0x238c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:07:10.0311 0x238c ShellHWDetection - ok
10:07:10.0315 0x238c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:07:10.0325 0x238c SiSRaid2 - ok
10:07:10.0332 0x238c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:07:10.0342 0x238c SiSRaid4 - ok
10:07:10.0345 0x238c SkypeUpdate - ok
10:07:10.0352 0x238c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:07:10.0382 0x238c Smb - ok
10:07:10.0386 0x238c [ 678D197CAD249F930B7FDD2AFA4C91B0, 5CE65B8A72225B663534A14BA31DCAB8EA5A7CE9BE05C3A18837FE8B554EF1FA ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
10:07:10.0394 0x238c SmbDrvI - ok
10:07:10.0400 0x238c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:07:10.0412 0x238c SNMPTRAP - ok
10:07:10.0416 0x238c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:07:10.0424 0x238c spldr - ok
10:07:10.0441 0x238c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:07:10.0467 0x238c Spooler - ok
10:07:10.0560 0x238c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:07:10.0653 0x238c sppsvc - ok
10:07:10.0661 0x238c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:07:10.0689 0x238c sppuinotify - ok
10:07:10.0702 0x238c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:07:10.0723 0x238c srv - ok
10:07:10.0738 0x238c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:07:10.0759 0x238c srv2 - ok
10:07:10.0767 0x238c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:07:10.0782 0x238c srvnet - ok
10:07:10.0789 0x238c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:07:10.0820 0x238c SSDPSRV - ok
10:07:10.0826 0x238c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:07:10.0854 0x238c SstpSvc - ok
10:07:10.0867 0x238c [ F6D78F5436918952F1CB24BC48DB5B72, DFD6DA8A72D5719A063BAB921B6870B4BDA75DA4D280492F110DF3F99627BDF7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:07:10.0882 0x238c Stereo Service - ok
10:07:10.0886 0x238c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:07:10.0895 0x238c stexstor - ok
10:07:10.0911 0x238c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:07:10.0938 0x238c stisvc - ok
10:07:10.0943 0x238c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:07:10.0953 0x238c storflt - ok
10:07:10.0956 0x238c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
10:07:10.0967 0x238c StorSvc - ok
10:07:10.0970 0x238c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:07:10.0981 0x238c storvsc - ok
10:07:10.0984 0x238c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:07:10.0992 0x238c swenum - ok
10:07:11.0008 0x238c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:07:11.0045 0x238c swprv - ok
10:07:11.0093 0x238c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:07:11.0142 0x238c SysMain - ok
10:07:11.0149 0x238c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:07:11.0166 0x238c TabletInputService - ok
10:07:11.0170 0x238c [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
10:07:11.0180 0x238c tap0901 - ok
10:07:11.0191 0x238c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:07:11.0223 0x238c TapiSrv - ok
10:07:11.0228 0x238c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:07:11.0256 0x238c TBS - ok
10:07:11.0304 0x238c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:07:11.0360 0x238c Tcpip - ok
10:07:11.0409 0x238c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:07:11.0453 0x238c TCPIP6 - ok
10:07:11.0461 0x238c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:07:11.0471 0x238c tcpipreg - ok
10:07:11.0475 0x238c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:07:11.0486 0x238c TDPIPE - ok
10:07:11.0490 0x238c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:07:11.0499 0x238c TDTCP - ok
10:07:11.0505 0x238c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:07:11.0517 0x238c tdx - ok
10:07:11.0521 0x238c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:07:11.0530 0x238c TermDD - ok
10:07:11.0549 0x238c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:07:11.0573 0x238c TermService - ok
10:07:11.0578 0x238c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:07:11.0592 0x238c Themes - ok
10:07:11.0597 0x238c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:07:11.0623 0x238c THREADORDER - ok
10:07:11.0631 0x238c TIYIXIYEHUDMXJJ - ok
10:07:11.0637 0x238c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:07:11.0667 0x238c TrkWks - ok
10:07:11.0675 0x238c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:07:11.0706 0x238c TrustedInstaller - ok
10:07:11.0713 0x238c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:07:11.0725 0x238c tssecsrv - ok
10:07:11.0729 0x238c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:07:11.0740 0x238c TsUsbFlt - ok
10:07:11.0744 0x238c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:07:11.0755 0x238c TsUsbGD - ok
10:07:11.0763 0x238c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:07:11.0792 0x238c tunnel - ok
10:07:11.0797 0x238c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:07:11.0808 0x238c uagp35 - ok
10:07:11.0818 0x238c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:07:11.0847 0x238c udfs - ok
10:07:11.0855 0x238c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:07:11.0867 0x238c UI0Detect - ok
10:07:11.0873 0x238c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:07:11.0882 0x238c uliagpkx - ok
10:07:11.0886 0x238c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:07:11.0897 0x238c umbus - ok
10:07:11.0901 0x238c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
10:07:11.0912 0x238c UmPass - ok
10:07:11.0921 0x238c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
10:07:11.0935 0x238c UmRdpService - ok
10:07:11.0949 0x238c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:07:11.0982 0x238c upnphost - ok
10:07:11.0986 0x238c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:07:11.0997 0x238c USBAAPL64 - ok
10:07:12.0002 0x238c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:07:12.0015 0x238c usbaudio - ok
10:07:12.0021 0x238c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:07:12.0033 0x238c usbccgp - ok
10:07:12.0038 0x238c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:07:12.0050 0x238c usbcir - ok
10:07:12.0054 0x238c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:07:12.0065 0x238c usbehci - ok
10:07:12.0080 0x238c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:07:12.0096 0x238c usbhub - ok
10:07:12.0100 0x238c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:07:12.0110 0x238c usbohci - ok
10:07:12.0114 0x238c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:07:12.0127 0x238c usbprint - ok
10:07:12.0131 0x238c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:07:12.0140 0x238c usbscan - ok
10:07:12.0146 0x238c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:07:12.0158 0x238c USBSTOR - ok
10:07:12.0161 0x238c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:07:12.0172 0x238c usbuhci - ok
10:07:12.0176 0x238c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:07:12.0204 0x238c UxSms - ok
10:07:12.0208 0x238c [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
10:07:12.0219 0x238c VaultSvc - ok
10:07:12.0222 0x238c [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys
10:07:12.0231 0x238c VClone - ok
10:07:12.0235 0x238c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:07:12.0246 0x238c vdrvroot - ok
10:07:12.0263 0x238c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:07:12.0298 0x238c vds - ok
10:07:12.0302 0x238c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:07:12.0313 0x238c vga - ok
10:07:12.0317 0x238c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:07:12.0343 0x238c VgaSave - ok
10:07:12.0354 0x238c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:07:12.0367 0x238c vhdmp - ok
10:07:12.0371 0x238c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:07:12.0379 0x238c viaide - ok
10:07:12.0387 0x238c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:07:12.0399 0x238c vmbus - ok
10:07:12.0403 0x238c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:07:12.0412 0x238c VMBusHID - ok
10:07:12.0417 0x238c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:07:12.0427 0x238c volmgr - ok
10:07:12.0439 0x238c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:07:12.0455 0x238c volmgrx - ok
10:07:12.0466 0x238c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:07:12.0481 0x238c volsnap - ok
10:07:12.0489 0x238c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:07:12.0501 0x238c vsmraid - ok
10:07:12.0543 0x238c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:07:12.0611 0x238c VSS - ok
10:07:12.0616 0x238c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:07:12.0631 0x238c vwifibus - ok
10:07:12.0635 0x238c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:07:12.0650 0x238c vwififlt - ok
10:07:12.0666 0x238c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:07:12.0699 0x238c W32Time - ok
10:07:12.0705 0x238c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:07:12.0718 0x238c WacomPen - ok
10:07:12.0724 0x238c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:07:12.0751 0x238c WANARP - ok
10:07:12.0756 0x238c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:07:12.0782 0x238c Wanarpv6 - ok
10:07:12.0816 0x238c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:07:12.0849 0x238c WatAdminSvc - ok
10:07:12.0890 0x238c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:07:12.0932 0x238c wbengine - ok
10:07:12.0941 0x238c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:07:12.0959 0x238c WbioSrvc - ok
10:07:12.0973 0x238c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:07:12.0995 0x238c wcncsvc - ok
10:07:12.0998 0x238c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:07:13.0011 0x238c WcsPlugInService - ok
10:07:13.0014 0x238c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
10:07:13.0023 0x238c Wd - ok
10:07:13.0046 0x238c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:07:13.0072 0x238c Wdf01000 - ok
10:07:13.0078 0x238c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:07:13.0092 0x238c WdiServiceHost - ok
10:07:13.0096 0x238c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:07:13.0108 0x238c WdiSystemHost - ok
10:07:13.0118 0x238c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:07:13.0135 0x238c WebClient - ok
10:07:13.0145 0x238c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:07:13.0177 0x238c Wecsvc - ok
10:07:13.0182 0x238c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:07:13.0210 0x238c wercplsupport - ok
10:07:13.0215 0x238c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:07:13.0244 0x238c WerSvc - ok
10:07:13.0247 0x238c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:07:13.0272 0x238c WfpLwf - ok
10:07:13.0277 0x238c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:07:13.0287 0x238c WIMMount - ok
10:07:13.0292 0x238c WinHttpAutoProxySvc - ok
10:07:13.0305 0x238c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:07:13.0336 0x238c Winmgmt - ok
10:07:13.0395 0x238c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:07:13.0444 0x238c WinRM - ok
10:07:13.0452 0x238c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
10:07:13.0464 0x238c WinUsb - ok
10:07:13.0492 0x238c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:07:13.0522 0x238c Wlansvc - ok
10:07:13.0525 0x238c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
10:07:13.0535 0x238c WmiAcpi - ok
10:07:13.0545 0x238c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:07:13.0563 0x238c wmiApSrv - ok
10:07:13.0565 0x238c WMPNetworkSvc - ok
10:07:13.0569 0x238c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:07:13.0579 0x238c WPCSvc - ok
10:07:13.0584 0x238c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:07:13.0605 0x238c WPDBusEnum - ok
10:07:13.0608 0x238c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:07:13.0632 0x238c ws2ifsl - ok
10:07:13.0638 0x238c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:07:13.0655 0x238c wscsvc - ok
10:07:13.0657 0x238c WSearch - ok
10:07:13.0719 0x238c [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
10:07:13.0780 0x238c wuauserv - ok
10:07:13.0788 0x238c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:07:13.0800 0x238c WudfPf - ok
10:07:13.0808 0x238c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:07:13.0821 0x238c WUDFRd - ok
10:07:13.0826 0x238c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:07:13.0838 0x238c wudfsvc - ok
10:07:13.0846 0x238c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:07:13.0861 0x238c WwanSvc - ok
10:07:13.0867 0x238c ================ Scan global ===============================
10:07:13.0871 0x238c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:07:13.0879 0x238c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:07:13.0892 0x238c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
10:07:13.0899 0x238c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:07:13.0910 0x238c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:07:13.0918 0x238c [ Global ] - ok
10:07:13.0918 0x238c ================ Scan MBR ==================================
10:07:13.0920 0x238c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:07:14.0000 0x238c \Device\Harddisk0\DR0 - ok
10:07:14.0003 0x238c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
10:07:14.0300 0x238c \Device\Harddisk1\DR1 - ok
10:07:14.0301 0x238c ================ Scan VBR ==================================
10:07:14.0305 0x238c [ 33733156A27E337CDF94573F1272CB56 ] \Device\Harddisk0\DR0\Partition1
10:07:14.0308 0x238c \Device\Harddisk0\DR0\Partition1 - ok
10:07:14.0311 0x238c [ 36C5122AD787B922111926AF9016640E ] \Device\Harddisk0\DR0\Partition2
10:07:14.0314 0x238c \Device\Harddisk0\DR0\Partition2 - ok
10:07:14.0315 0x238c ================ Scan generic autorun ======================
10:07:14.0406 0x238c [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
10:07:14.0481 0x238c NvBackend - ok
10:07:14.0487 0x238c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
10:07:14.0501 0x238c ShadowPlay - ok
10:07:14.0857 0x238c [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe
10:07:14.0932 0x2780 Object required for P2P: [ 23860E0BE05DF15970B9C0A141076080 ] nvlddmkm
10:07:15.0126 0x238c Launch LCore - ok
10:07:15.0439 0x238c [ 08D9600B273D85C4CC5E4D6116E1941A, CB6A3010873F1707165B0EC74BEBB8F39F4E06530319EF509ACB58D497E8F7AE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
10:07:15.0706 0x238c RTHDVCPL - ok
10:07:15.0753 0x238c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:07:15.0789 0x238c Sidebar - ok
10:07:15.0796 0x238c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:07:15.0811 0x238c mctadmin - ok
10:07:15.0849 0x238c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:07:15.0883 0x238c Sidebar - ok
10:07:15.0889 0x238c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:07:15.0904 0x238c mctadmin - ok
10:07:16.0007 0x238c [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe
10:07:16.0103 0x238c Akamai NetSession Interface - ok
10:07:16.0130 0x238c [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
10:07:16.0158 0x238c SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
10:07:17.0752 0x2780 Object send P2P result: true
10:07:19.0021 0x238c Detect skipped due to KSN trusted
10:07:19.0021 0x238c SpybotPostWindows10UpgradeReInstall - ok
10:07:19.0022 0x238c Waiting for KSN requests completion. In queue: 64
10:07:20.0022 0x238c Waiting for KSN requests completion. In queue: 64
10:07:21.0022 0x238c Waiting for KSN requests completion. In queue: 64
10:07:21.0384 0x23ac Object required for P2P: [ AA3E844A2595B1AA5825C70CA50D963E ] wuauserv
10:07:22.0022 0x238c Waiting for KSN requests completion. In queue: 14
10:07:23.0022 0x238c Waiting for KSN requests completion. In queue: 14
10:07:24.0022 0x238c Waiting for KSN requests completion. In queue: 14
10:07:24.0129 0x23ac Object send P2P result: true
10:07:25.0047 0x238c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.12.420 ), 0x41000 ( enabled : updated )
10:07:25.0057 0x238c Win FW state via NFP2: enabled ( trusted )
10:07:27.0797 0x238c ============================================================
10:07:27.0797 0x238c Scan finished
10:07:27.0797 0x238c ============================================================
10:07:27.0812 0x224c Detected object count: 0
10:07:27.0812 0x224c Actual detected object count: 0
|
|
24.09.2015, 20:44
| #4 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhalten hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.09.2015, 07:10
| #5 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Hey, Vielen Dank für die schnellen Antworten schonmal Es gab keine Fehlermeldungen, hier der Log. Ich muss heute mit der Telekom reden, da mein Mail Versand komplett gesperrt ist. Nun erhalte ich immer einen Fehlercode sobald ich eine Mail senden möchte. Fehlermeldung : Code:
ATTFilter Ihre E-Mail kann leider nicht versendet werden, da sie als Spam oder Virus eingestuft wurde. Wenn dies nicht zutrifft, senden Sie bitte die Fehlercodes, die Sie unter Details finden, an FPR@RX.T-ONLINE.DE, damit wir die Klassifizierung untersuchen können.
Details
Error-Code: 5.7.0
Message considered as spam or virus, rejected / Your IP: 172.20.102.139
Mailhost: fwd05.aul.t-online.de
Timestamp: 2015-09-25T06:09:37Z
Expurgate-ID: 150726::1443161377-000012A5-FC81F65C/0-17697734582/0-10
Authenticator: 4CA1C041DC5EB8D8175BE3F6508946ACF33A834EB432BD4BA54FCF46CDD90C3D3942A6A2
Your message has been rejected due to spam or virus classification.
If you feel this is inapplicable, please report the above error codes
back to FPR@RX.T-ONLINE.DE to help us fix possible misclassification.
We apologize for any inconvenience and thank you for your assistance!
Die Annahme Ihrer Nachricht wurde abgelehnt, da sie als Spam oder
Virus eingestuft wurde. Sollten Sie dies als unzutreffend ansehen,
senden Sie bitte obige Fehlercodes an FPR@RX.T-ONLINE.DE, damit wir
die Klassifizierung untersuchen können. Wir entschuldigen uns für
etwaige Unannehmlichkeiten und bedanken uns für Ihre Unterstuetzung!
Code:
ATTFilter ComboFix 15-09-21.01 - nunuc 25.09.2015 7:52.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.12279.10347 [GMT 2:00]
ausgeführt von:: c:\users\nunuc\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\nunuc\AppData\Local\._LiveCode_
c:\users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
c:\users\nunuc\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\windows\SysWow64\DEBUG.log
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-08-25 bis 2015-09-25 ))))))))))))))))))))))))))))))
.
.
2015-09-24 06:29 . 2015-09-24 06:30 -------- d-----w- C:\FRST
2015-09-23 16:50 . 2015-09-23 16:50 -------- d-----w- c:\program files (x86)\WestwoodOnline
2015-09-23 11:01 . 2015-09-23 11:01 -------- d-----w- c:\programdata\Kaspersky Lab Setup Files
2015-09-23 06:34 . 2015-09-24 07:52 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-09-23 06:34 . 2015-09-23 06:34 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-09-23 06:34 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-09-23 06:34 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-09-23 06:23 . 2015-09-23 06:34 -------- d-----w- c:\programdata\Malwarebytes
2015-09-23 06:22 . 2015-09-24 08:05 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-09-23 06:22 . 2015-09-24 07:53 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-23 06:05 . 2015-09-23 06:05 -------- d-----w- c:\users\nunuc\AppData\Roaming\QuickScan
2015-09-20 08:45 . 2015-09-20 08:45 -------- d-----w- c:\program files\Common Files\AV
2015-09-14 07:54 . 2015-09-14 07:54 -------- d-----w- c:\program files (x86)\Skype
2015-09-14 07:54 . 2015-09-14 07:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-09-13 08:43 . 2015-09-13 08:43 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2015-09-12 17:09 . 2015-09-12 17:09 -------- d-----w- c:\users\nunuc\AppData\Local\ESN
2015-09-11 16:16 . 2011-04-11 15:35 1579520 ----a-w- c:\windows\system32\drivers\athrx.sys
2015-09-11 16:16 . 2011-04-11 15:35 1579520 ----a-w- c:\windows\system32\athrx.sys
2015-09-11 16:15 . 2015-09-11 16:16 -------- d-----w- C:\temp
2015-09-10 14:32 . 2015-09-10 14:32 -------- d-----w- c:\programdata\PopCap Games
2015-09-10 14:32 . 2015-09-10 14:32 -------- d-----w- c:\programdata\EA Core
2015-09-10 14:32 . 2015-09-10 14:32 -------- d-----w- c:\programdata\EA Logs
2015-09-10 14:23 . 2015-09-10 14:23 -------- d-----w- c:\users\nunuc\AppData\Local\Ubisoft
2015-09-04 19:45 . 2015-09-14 08:43 -------- d-----w- c:\users\nunuc\AppData\Roaming\NVIDIA
2015-09-03 14:06 . 2015-09-03 14:06 -------- d-----w- c:\program files\DIFX
2015-09-03 14:06 . 2009-07-29 18:26 614000 ----a-w- c:\windows\system32\jmccgpInst.dll
2015-09-03 14:06 . 2009-07-29 18:26 17136 ----a-w- c:\windows\system32\drivers\jmccgp.sys
2015-09-03 14:06 . 2010-09-07 02:37 121432 ----a-w- c:\windows\system32\drivers\jraid.sys
2015-09-03 14:06 . 2015-04-23 19:19 65248 ----a-w- c:\windows\system32\drivers\amdkmpfd.sys
2015-09-03 14:06 . 2015-07-15 15:20 31552 ----a-w- c:\windows\system32\nvhdap64.dll
2015-09-03 14:06 . 2015-07-15 15:20 195912 ----a-w- c:\windows\system32\drivers\nvhda64v.sys
2015-09-03 14:03 . 2015-09-03 14:04 -------- d-----w- c:\programdata\BSD
2015-09-02 15:25 . 2015-09-02 15:25 -------- d-----w- c:\program files\CCleaner
2015-09-02 12:16 . 2015-08-11 04:52 69416 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2015-09-02 12:16 . 2015-08-11 04:52 50472 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2015-08-31 11:56 . 2015-08-31 11:56 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-08-31 11:55 . 2015-08-31 11:55 -------- d-----w- c:\users\nunuc\.oracle_jre_usage
2015-08-31 11:32 . 2015-07-15 18:15 5568960 ----a-w- c:\windows\system32\dG5XucIXHTsYgekuS.exe
2015-08-31 11:32 . 2014-10-31 23:24 619056 ----a-w- c:\windows\system32\ECHOUoP39ABAwawqOw2K.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-09-24 23:55 . 2015-08-16 08:22 74952 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-09-24 23:55 . 2015-08-16 08:22 163544 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-09-21 21:10 . 2014-10-27 16:53 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-21 21:10 . 2014-10-27 16:53 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-13 08:43 . 2014-11-29 21:28 226168 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2015-09-13 08:34 . 2014-11-29 21:28 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2015-09-12 16:58 . 2014-11-29 21:28 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2015-08-31 11:55 . 2015-06-17 06:30 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-08-27 00:37 . 2014-10-27 16:11 1423120 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-08-27 00:37 . 2014-10-27 16:11 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-08-27 00:36 . 2014-10-27 16:11 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-08-27 00:36 . 2014-10-27 16:11 1710568 ----a-w- c:\windows\system32\nvspcap64.dll
2015-08-26 13:12 . 2015-08-08 17:08 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-08-11 04:52 . 2014-10-27 16:07 72504 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-08-07 14:54 . 2015-08-07 14:54 90112 ----a-w- c:\windows\SysWow64\rzdevinfo.dll
2015-08-07 11:06 . 2015-08-16 08:13 985208 ----a-w- c:\windows\SysWow64\NvIFR.dll
2015-08-07 11:06 . 2015-08-16 08:13 942688 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2015-08-07 11:06 . 2015-08-16 08:13 931448 ----a-w- c:\windows\SysWow64\NvFBC.dll
2015-08-07 11:06 . 2015-08-16 08:13 512720 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2015-08-07 11:06 . 2015-08-16 08:13 42840184 ----a-w- c:\windows\system32\nvcompiler.dll
2015-08-07 11:06 . 2015-08-16 08:13 421544 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2015-08-07 11:06 . 2015-08-16 08:13 408184 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2015-08-07 11:06 . 2015-08-16 08:13 37819000 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2015-08-07 11:06 . 2015-08-16 08:13 364152 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2015-08-07 11:06 . 2015-08-16 08:13 2937648 ----a-w- c:\windows\system32\nvcuvid.dll
2015-08-07 11:06 . 2015-08-16 08:13 2624816 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2015-08-07 11:06 . 2015-08-16 08:13 22520624 ----a-w- c:\windows\system32\nvoglv64.dll
2015-08-07 11:06 . 2015-08-16 08:13 1898104 ----a-w- c:\windows\system32\nvdispco6435560.dll
2015-08-07 11:06 . 2015-08-16 08:13 18540336 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2015-08-07 11:06 . 2015-08-16 08:13 177088 ----a-w- c:\windows\system32\nvinitx.dll
2015-08-07 11:06 . 2015-08-16 08:13 16630096 ----a-w- c:\windows\system32\nvopencl.dll
2015-08-07 11:06 . 2015-08-16 08:13 1558832 ----a-w- c:\windows\system32\nvdispgenco6435560.dll
2015-08-07 11:06 . 2015-08-16 08:13 155792 ----a-w- c:\windows\SysWow64\nvinit.dll
2015-08-07 11:06 . 2015-08-16 08:13 150648 ----a-w- c:\windows\system32\nvoglshim64.dll
2015-08-07 11:06 . 2015-08-16 08:13 14928048 ----a-w- c:\windows\system32\nvcuda.dll
2015-08-07 11:06 . 2015-08-16 08:13 13656016 ----a-w- c:\windows\SysWow64\nvopencl.dll
2015-08-07 11:06 . 2015-08-16 08:13 128512 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2015-08-07 11:06 . 2015-08-16 08:13 12179496 ----a-w- c:\windows\SysWow64\nvcuda.dll
2015-08-07 11:06 . 2015-08-16 08:13 11076216 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2015-08-07 11:06 . 2015-08-16 08:13 1104440 ----a-w- c:\windows\system32\nvumdshimx.dll
2015-08-07 11:06 . 2015-08-16 08:13 1063216 ----a-w- c:\windows\system32\NvIFR64.dll
2015-08-07 11:06 . 2015-08-16 08:13 1059960 ----a-w- c:\windows\system32\NvFBC64.dll
2015-08-07 11:06 . 2015-08-16 07:24 112760 ----a-w- c:\windows\system32\OpenCL.dll
2015-08-07 11:06 . 2015-08-16 07:24 105080 ----a-w- c:\windows\SysWow64\OpenCL.dll
2015-08-07 11:06 . 2015-06-22 13:16 17124832 ----a-w- c:\windows\system32\nvwgf2umx.dll
2015-08-07 11:06 . 2015-06-22 13:16 15510112 ----a-w- c:\windows\system32\nvd3dumx.dll
2015-08-07 11:06 . 2015-06-22 13:16 14673920 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2015-08-07 11:06 . 2015-06-22 13:16 3518248 ----a-w- c:\windows\system32\nvapi64.dll
2015-08-07 11:06 . 2015-06-22 13:16 3106384 ----a-w- c:\windows\SysWow64\nvapi.dll
2015-08-07 11:06 . 2015-06-22 13:16 12513288 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2015-08-07 04:34 . 2014-10-27 16:11 937592 ----a-w- c:\windows\system32\nvvsvc.exe
2015-08-07 04:34 . 2014-10-27 16:11 62768 ----a-w- c:\windows\system32\nvshext.dll
2015-08-07 04:34 . 2014-10-27 16:11 2558768 ----a-w- c:\windows\system32\nvsvcr.dll
2015-08-07 04:34 . 2014-10-27 16:11 385328 ----a-w- c:\windows\system32\nvmctray.dll
2015-08-07 04:34 . 2014-10-27 16:11 6883448 ----a-w- c:\windows\system32\nvcpl.dll
2015-08-07 04:34 . 2014-10-27 16:11 3492144 ----a-w- c:\windows\system32\nvsvc64.dll
2015-08-07 04:22 . 2015-08-16 08:14 573048 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-08-03 10:12 . 2014-10-27 16:11 5133709 ----a-w- c:\windows\system32\nvcoproc.bin
2015-07-29 01:09 . 2015-07-29 01:09 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll
2015-07-29 01:09 . 2015-07-29 01:09 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe
2015-07-29 01:09 . 2015-07-29 01:09 40640 ----a-w- c:\windows\system32\drivers\RzSurroundVAD.sys
2015-07-29 01:09 . 2015-07-29 01:09 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll
2015-07-15 18:15 . 2015-08-25 15:21 5568960 ----a-w- c:\windows\system32\LswfWECHOZYtfdE8KaPW.exe
2015-07-15 15:20 . 2015-01-24 09:23 1558848 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-07-15 06:37 . 2015-08-16 08:22 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2015-07-15 06:37 . 2015-08-16 08:22 141416 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-07-15 03:19 . 2015-07-21 04:55 41984 ----a-w- c:\windows\system32\lpk.dll
2015-07-15 03:19 . 2015-07-21 04:55 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-07-15 03:19 . 2015-07-21 04:55 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-07-15 03:19 . 2015-07-21 04:55 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-07-15 02:55 . 2015-07-21 04:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-07-15 02:55 . 2015-07-21 04:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-07-15 02:55 . 2015-07-21 04:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-07-15 02:54 . 2015-07-21 04:55 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-07-15 01:59 . 2015-07-21 04:55 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-07-15 01:52 . 2015-07-21 04:55 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-07-09 17:59 . 2015-07-15 19:28 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-09 17:58 . 2015-07-15 19:28 37888 ----a-w- c:\windows\system32\wups2.dll
2015-07-09 17:58 . 2015-07-15 19:28 36864 ----a-w- c:\windows\system32\wups.dll
2015-07-09 17:58 . 2015-07-15 19:28 192000 ----a-w- c:\windows\system32\wuwebv.dll
2015-07-09 17:58 . 2015-07-15 19:28 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-07-09 17:58 . 2015-07-15 19:28 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-07-09 17:58 . 2015-07-15 19:28 3154944 ----a-w- c:\windows\system32\wucltux.dll
2015-07-09 17:58 . 2015-07-15 19:28 2603008 ----a-w- c:\windows\system32\wuaueng.dll
2015-07-09 17:58 . 2015-07-15 19:28 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-09 17:58 . 2015-07-15 19:28 91136 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-07-09 17:58 . 2015-07-15 19:28 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-09 17:58 . 2015-07-15 19:28 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-09 17:58 . 2015-07-15 19:28 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-07-09 17:58 . 2015-07-15 19:28 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-09 17:58 . 2015-07-15 19:28 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-09 17:58 . 2015-07-15 19:28 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-09 17:58 . 2015-07-15 19:28 37376 ----a-w- c:\windows\system32\wuapp.exe
2015-07-09 17:58 . 2015-07-15 19:28 139776 ----a-w- c:\windows\system32\wuauclt.exe
2015-07-09 17:50 . 2015-07-15 19:28 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-09 17:43 . 2015-07-15 19:28 93184 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-07-09 17:43 . 2015-07-15 19:28 30208 ----a-w- c:\windows\SysWow64\wups.dll
2015-07-09 17:43 . 2015-07-15 19:28 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-07-09 17:43 . 2015-07-15 19:28 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-07-09 17:42 . 2015-07-15 19:28 34816 ----a-w- c:\windows\SysWow64\wuapp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\nunuc\AppData\Local\Akamai\netsession_win.exe" [2015-09-10 4691384]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2015-08-11 593216]
"KrakenLauncher"="c:\program files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe" [2015-02-03 1599808]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-08-13 66936]
"avgnt"="c:\program files (x86)\Avira\Antivirus\avgnt.exe" [2015-09-24 782520]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-07-22 896632]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\Antivirus\avmailc7.exe;c:\program files (x86)\Avira\Antivirus\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\Antivirus\avwebg7.exe;c:\program files (x86)\Avira\Antivirus\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;e:\programme\Updater\Updater.exe;e:\programme\Updater\Updater.exe [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R3 CFCOGJUTSSHKETKV;CFCOGJUTSSHKETKV;c:\windows\TEMP\CFCOGJUTSSHKETKV;c:\windows\TEMP\CFCOGJUTSSHKETKV [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 Origin Client Service;Origin Client Service;g:\gamez!\Origin\OriginClientService.exe;g:\gamez!\Origin\OriginClientService.exe [x]
R3 PDF Architect 2;PDF Architect 2;c:\program files (x86)\PDF Architect 2\ws.exe;c:\program files (x86)\PDF Architect 2\ws.exe [x]
R3 pdfforge CrashHandler;pdfforge CrashHandler;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe;c:\program files (x86)\PDF Architect 2\crash-handler-ws.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;e:\programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe;e:\programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;e:\programme\Spybot - Search & Destroy 2\SDFSSvc.exe;e:\programme\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R3 SDUpdateService;Spybot-S&D 2 Updating Service;e:\programme\Spybot - Search & Destroy 2\SDUpdSvc.exe;e:\programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R3 TIYIXIYEHUDMXJJ;TIYIXIYEHUDMXJJ;c:\windows\TEMP\TIYIXIYEHUDMXJJ;c:\windows\TEMP\TIYIXIYEHUDMXJJ [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AAV UpdateService;AAV UpdateService;c:\program files (x86)\Lexware\AAVUpdateManager\aavus.exe;c:\program files (x86)\Lexware\AAVUpdateManager\aavus.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\Antivirus\sched.exe;c:\program files (x86)\Avira\Antivirus\sched.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x]
S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x]
S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x]
S2 RzSurroundVADStreamingService;RzSurroundVADStreamingService;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 JmUsbCcgp;JMicron USB Composite Device Lower Filter Driver;c:\windows\system32\DRIVERS\jmccgp.sys;c:\windows\SYSNATIVE\DRIVERS\jmccgp.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RZSURROUNDVADService;Razer Surround Audio Service;c:\windows\system32\drivers\RzSurroundVAD.sys;c:\windows\SYSNATIVE\drivers\RzSurroundVAD.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-09-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-27 21:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-08-27 2634872]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-08-27 1710568]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-03-12 13318424]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2015-05-25 13876952]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\nunuc\AppData\Local\Temp\ie_script.htm
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\CFCOGJUTSSHKETKV]
"ImagePath"="\??\c:\windows\TEMP\CFCOGJUTSSHKETKV"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\TIYIXIYEHUDMXJJ]
"ImagePath"="\??\c:\windows\TEMP\TIYIXIYEHUDMXJJ"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3e,13,6b,df,36,b2,23,41,9b,91,dd,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,3e,13,6b,df,36,b2,23,41,9b,91,dd,\
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_185_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_185.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\Antivirus\avguard.exe
c:\windows\system32\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-09-25 08:04:04 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-09-25 06:04
.
Vor Suchlauf: 15 Verzeichnis(se), 29.247.012.864 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 29.004.443.648 Bytes frei
.
- - End Of File - - B5B0D35DFEB9F01584FA60BE43976D53
A36C5E4F47E84449FF07ED3517B43A31
|
|
25.09.2015, 18:16
| #6 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhalten Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Telekom Mail versendet Spam - Delivery Status Notification erhalten |
|
25.09.2015, 19:28
| #7 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Malwarebytes Anti-Malware Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 25.09.2015 Suchlaufzeit: 20:07 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.25.03 Rootkit-Datenbank: v2015.09.22.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: nunuc Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 394973 Abgelaufene Zeit: 8 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.008 - Bericht erstellt am 25/09/2015 um 20:19:24
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-23.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : nunuc - NUNUC-PC
# Gestartet von : C:\Users\nunuc\Desktop\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [794 Bytes] ##########
JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 7 Professional x64
Ran by nunuc on 25.09.2015 at 20:22:22,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.09.2015 at 20:24:24,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von nunuc (Administrator) auf NUNUC-PC (25-09-2015 20:24:58)
Gestartet von C:\Users\nunuc\Desktop
Geladene Profile: nunuc (Verfügbare Profile: nunuc)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [Akamai NetSession Interface] => C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 07 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-10-27] ()
Winsock: Catalog5-x64 07 C:\Windows\system32\PrxerNsp.dll [57448 2014-10-27] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{944EE6F6-5E54-4262-A1C0-FDEBC3062000}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2403208828-1726898586-2912756724-1000: @hola.org/vlc,version=1.8.103 -> C:\Users\nunuc\AppData\Local\Hola\firefox\app\vlc Keine Datei
FF Extension: flash service plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{bc3bf693-8105-4984-aceb-f016e61280b7}.xpi [2015-06-27]
FF Extension: Adblock Plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-06-03]
FF HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\po6pma7g.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Launcher.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-30] (EasyAntiCheat Ltd)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3493744 2015-01-13] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; G:\Gamez!\Origin\OriginClientService.exe [2057736 2015-09-02] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-09-13] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-09-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [Datei ist nicht signiert]
S3 SandraAgentSrv; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
S3 SDScannerService; E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SkypeUpdate; E:\Programme\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-25] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows (R) Win 7 DDK provider)
S3 SANDRA; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-25] (Synaptics Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CFCOGJUTSSHKETKV; \??\C:\Windows\TEMP\CFCOGJUTSSHKETKV [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TIYIXIYEHUDMXJJ; \??\C:\Windows\TEMP\TIYIXIYEHUDMXJJ [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-25 20:24 - 2015-09-25 20:25 - 00020376 _____ C:\Users\nunuc\Desktop\FRST.txt
2015-09-25 20:24 - 2015-09-25 20:24 - 00000709 _____ C:\Users\nunuc\Desktop\JRT.txt
2015-09-25 20:20 - 2015-09-25 20:20 - 00000872 _____ C:\Users\nunuc\Desktop\AdwCleaner[C3].txt
2015-09-25 20:17 - 2015-09-25 20:17 - 00001208 _____ C:\Users\nunuc\Desktop\mbam.txt
2015-09-25 20:16 - 2015-09-25 20:16 - 00001208 _____ C:\mbam.txt
2015-09-25 20:05 - 2015-09-25 20:05 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-25 20:04 - 2015-09-25 20:04 - 01798976 _____ (Malwarebytes) C:\Users\nunuc\Desktop\JRT.exe
2015-09-25 20:03 - 2015-09-25 20:04 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\nunuc\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-25 20:03 - 2015-09-25 20:04 - 01662976 _____ C:\Users\nunuc\Desktop\AdwCleaner_5.008.exe
2015-09-25 08:04 - 2015-09-25 08:04 - 00038390 _____ C:\ComboFix.txt
2015-09-25 07:51 - 2015-09-25 08:04 - 00000000 ____D C:\Qoobox
2015-09-25 07:51 - 2015-09-25 08:03 - 00000000 ____D C:\Windows\erdnt
2015-09-25 07:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-25 07:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-25 07:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-24 09:06 - 2015-09-24 09:16 - 00000000 ____D C:\Users\nunuc\Documents\FIFA 16
2015-09-24 08:29 - 2015-09-25 20:24 - 00000000 ____D C:\FRST
2015-09-24 08:06 - 2015-09-24 08:06 - 02192384 _____ (Farbar) C:\Users\nunuc\Desktop\FRST64.exe
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Red Alert 2
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 15:53 - 2015-09-23 15:53 - 00249946 _____ C:\Users\nunuc\Desktop\bookmarks23092015.html
2015-09-23 15:53 - 2015-09-23 15:53 - 00100269 _____ C:\Users\nunuc\Desktop\bookmarks-2015-09-23.json
2015-09-23 15:47 - 2015-09-23 15:50 - 00000000 ____D C:\Users\nunuc\Desktop\Neuer PC
2015-09-23 13:01 - 2015-09-23 13:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-23 08:34 - 2015-09-25 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-09-25 20:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-23 08:23 - 2015-09-23 08:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-23 08:22 - 2015-09-25 20:17 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 08:22 - 2015-09-24 10:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 08:05 - 2015-09-23 08:05 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\QuickScan
2015-09-22 22:00 - 2015-09-22 22:00 - 00000669 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-09-22 22:00 - 2015-09-22 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-09-21 08:26 - 2015-09-21 08:26 - 00000000 ____D C:\Users\nunuc\Desktop\trophy
2015-09-20 10:45 - 2015-09-20 10:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-09-14 10:41 - 2015-09-14 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\Program Files (x86)\Skype
2015-09-13 17:25 - 2015-09-25 07:57 - 00002722 _____ C:\Windows\PFRO.log
2015-09-13 10:43 - 2015-09-13 10:43 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-09-12 19:09 - 2015-09-12 19:09 - 00000000 ____D C:\Users\nunuc\AppData\Local\ESN
2015-09-12 18:58 - 2015-09-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-09-12 18:57 - 2015-09-23 18:50 - 00036946 _____ C:\Windows\DirectX.log
2015-09-11 18:16 - 2015-09-11 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-09-11 18:16 - 2011-09-09 11:28 - 00007748 _____ C:\Windows\system32\athrextx.cat
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2015-09-11 18:15 - 2015-09-11 18:16 - 00000000 ____D C:\temp
2015-09-10 17:14 - 2015-09-10 17:14 - 00000000 ____D C:\Users\nunuc\Documents\SimCity
2015-09-10 17:11 - 2015-09-10 17:11 - 00000776 _____ C:\Users\Public\Desktop\SimCity™.lnk
2015-09-10 17:11 - 2015-09-10 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\PopCap Games
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\EA Core
2015-09-10 16:23 - 2015-09-10 16:23 - 00000000 ____D C:\Users\nunuc\AppData\Local\Ubisoft
2015-09-04 21:45 - 2015-09-14 10:43 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\NVIDIA
2015-09-03 16:06 - 2015-09-03 16:09 - 00007564 _____ C:\Windows\DPINST.LOG
2015-09-03 16:06 - 2015-09-03 16:06 - 00000000 ____D C:\Program Files\DIFX
2015-09-03 16:06 - 2015-07-15 17:20 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-03 16:06 - 2015-07-15 17:20 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-09-03 16:06 - 2015-04-23 21:19 - 00065248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2015-09-03 16:06 - 2010-09-07 04:37 - 00121432 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2015-09-03 16:06 - 2009-07-29 20:26 - 00614000 _____ (JMicron Technology Corp.) C:\Windows\system32\jmccgpInst.dll
2015-09-03 16:06 - 2009-07-29 20:26 - 00017136 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jmccgp.sys
2015-09-03 16:03 - 2015-09-03 16:04 - 00000000 ____D C:\ProgramData\BSD
2015-09-03 06:53 - 2015-09-25 20:20 - 00004639 _____ C:\Windows\setupact.log
2015-09-03 06:53 - 2015-09-03 06:53 - 00000000 _____ C:\Windows\setuperr.log
2015-09-02 17:25 - 2015-09-02 17:25 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-02 17:25 - 2015-09-02 17:25 - 00000000 ____D C:\Program Files\CCleaner
2015-09-02 14:16 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-02 14:16 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Sun
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\.oracle_jre_usage
2015-08-31 13:32 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\dG5XucIXHTsYgekuS.exe
2015-08-31 13:32 - 2014-11-01 01:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\ECHOUoP39ABAwawqOw2K.exe
2015-08-31 13:04 - 2015-08-31 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-25 20:23 - 2014-10-27 17:53 - 02096264 _____ C:\Windows\WindowsUpdate.log
2015-09-25 20:22 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-25 20:22 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-25 20:20 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-25 20:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-25 20:19 - 2015-05-08 11:15 - 00000000 ____D C:\AdwCleaner
2015-09-25 20:10 - 2015-08-23 16:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-25 20:03 - 2014-10-28 02:44 - 00700470 _____ C:\Windows\system32\perfh007.dat
2015-09-25 20:03 - 2014-10-28 02:44 - 00150108 _____ C:\Windows\system32\perfc007.dat
2015-09-25 20:03 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-25 19:57 - 2014-10-27 21:56 - 00000000 ____D C:\Users\nunuc\AppData\Local\TSVNCache
2015-09-25 19:41 - 2014-10-27 18:31 - 00000000 ____D C:\Users\nunuc\AppData\Local\Battle.net
2015-09-25 10:53 - 2014-10-27 21:18 - 00000000 ____D C:\ProgramData\Origin
2015-09-25 08:04 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-25 08:02 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-25 01:56 - 2015-08-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-25 01:55 - 2015-08-16 10:22 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-25 01:55 - 2015-08-16 10:22 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-09-24 10:44 - 2014-11-02 19:08 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\vlc
2015-09-23 18:50 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 08:51 - 2015-05-25 13:51 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\IObit
2015-09-22 22:00 - 2014-10-27 18:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-22 18:30 - 2015-06-13 12:04 - 00000000 ____D C:\Users\nunuc\AppData\Local\Akamai
2015-09-21 23:10 - 2015-08-23 16:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 23:10 - 2014-10-27 18:53 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 23:10 - 2014-10-27 18:53 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 14:22 - 2014-10-29 16:11 - 00003820 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414591907
2015-09-17 06:54 - 2014-11-15 12:47 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Skype
2015-09-14 09:54 - 2014-11-15 12:47 - 00000000 ____D C:\ProgramData\Skype
2015-09-13 17:25 - 2014-11-29 23:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-09-13 10:43 - 2014-11-29 23:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-13 10:34 - 2014-11-29 23:28 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-09-12 18:58 - 2014-11-29 23:28 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-11 18:16 - 2014-10-27 17:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-11 18:14 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-11 18:11 - 2014-11-30 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-10 16:25 - 2015-07-17 19:04 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Awesomium
2015-09-10 16:24 - 2014-11-04 22:06 - 00000000 ____D C:\Users\nunuc\Documents\my games
2015-09-10 16:24 - 2014-10-27 21:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-10 08:48 - 2015-06-25 15:57 - 00000000 ____D C:\ProgramData\TEMP
2015-09-04 14:52 - 2015-01-02 22:39 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-03 18:21 - 2015-06-25 20:16 - 00000000 ____D C:\Users\nunuc\Documents\Euro Truck Simulator 2
2015-09-03 16:04 - 2009-07-14 04:34 - 00000466 _____ C:\Windows\win.ini
2015-09-02 17:30 - 2014-11-02 18:21 - 00000000 ____D C:\Windows\Minidump
2015-09-02 17:30 - 2014-10-28 02:46 - 00000000 ____D C:\Windows\Panther
2015-09-02 14:16 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-31 15:05 - 2014-10-27 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 13:56 - 2015-01-09 14:33 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 13:55 - 2015-06-17 08:30 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-31 13:55 - 2014-10-27 17:53 - 00000000 ____D C:\Users\nunuc
2015-08-31 13:04 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iTunes
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iPod
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-27 02:37 - 2014-10-27 18:11 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2014-10-27 18:11 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2014-10-27 18:11 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-27 02:36 - 2014-10-27 18:11 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-26 14:49 - 2014-10-27 18:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-08-17 23:12 - 2015-08-17 23:12 - 0000058 _____ () C:\Users\nunuc\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-04-14 23:14 - 2015-04-14 23:14 - 0011670 _____ () C:\Users\nunuc\AppData\Local\Temp-log.txt
2015-04-14 23:14 - 2015-04-14 23:14 - 0000000 _____ () C:\Users\nunuc\AppData\Local\Temp.dat
2014-10-27 21:22 - 2014-10-27 21:22 - 0012294 _____ () C:\ProgramData\mptmqteo.hmi
Einige Dateien in TEMP:
====================
C:\Users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
C:\Users\nunuc\AppData\Local\Temp\avgnt.exe
C:\Users\nunuc\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG
LastRegBack: 2015-09-21 04:35
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von nunuc (2015-09-25 20:25:23)
Gestartet von C:\Users\nunuc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-10-27 15:53:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2403208828-1726898586-2912756724-500 - Administrator - Disabled)
Gast (S-1-5-21-2403208828-1726898586-2912756724-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2403208828-1726898586-2912756724-1002 - Limited - Enabled)
nunuc (S-1-5-21-2403208828-1726898586-2912756724-1000 - Administrator - Enabled) => C:\Users\nunuc
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Canon MX370 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX370_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.0.3.0 - Electronic Arts)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
ICQ 8.2 (build 7138) (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\ICQ) (Version: 8.2.7138.0 - ICQ)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - JMicron Technology Corp.)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MagNets (HKLM-x32\...\Steam App 343020) (Version: - Total Monkery)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-41bc4b7c-2764-48ed-9c45-50a4bfd13797) (Version: - Epic Games, Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version: - Raven Software)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version: - LucasArts)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts)
Star Wars Starfighter (HKLM-x32\...\Steam App 32350) (Version: - LucasArts)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version: - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version: - Petroglyph)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.31.151 - Haufe-Lexware GmbH & Co.KG)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TL-WN881ND Driver (HKLM-x32\...\{B512F025-E992-44D0-B1F4-D6E1D3339C80}) (Version: 1.0.0 - TP-LINK)
TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)
TOXIKK (HKLM-x32\...\Steam App 324810) (Version: - Reakktor Studios)
Unreal Tournament 3: Black Edition (HKLM-x32\...\Steam App 13210) (Version: - Epic Games, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
War Thunder Launcher 1.0.1.502 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebMoney Agent (HKLM-x32\...\WebMoney Agent) (Version: 3.5 - Softomate)
WebMoney Keeper WinPro 3.9.9.5 (HKLM-x32\...\{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}) (Version: 3.9.9.5 - WM Transfer Ltd.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - AMD (amdkmpfd) System (02/12/2015 15.20.0.0000) (HKLM\...\708AE871DE4DE98C022B914117B48025341D07B8) (Version: 02/12/2015 15.20.0.0000 - AMD)
Windows Driver Package - JMicron (usbccgp) USB (07/28/2009 1.0.4.2) (HKLM\...\D3AAF0E65D8B1D5934711D3312BF76371DB14E42) (Version: 07/28/2009 1.0.4.2 - JMicron)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (08/10/2010 1.17.58.2) (HKLM\...\71DF76D3EFF8F1319B88DD518F44AF13B27C3193) (Version: 08/10/2010 1.17.58.2 - JMicron Technology Corp.)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/07/2010 1.17.59.0) (HKLM\...\D5496DF7336192E7F4E7313CE7DC86830DFBD406) (Version: 09/07/2010 1.17.59.0 - JMicron Technology Corp.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass (09/09/2013 6.3.0.1) (HKLM\...\2D411C1C731F85B0AE8A713F3C27A67932A89369) (Version: 09/09/2013 6.3.0.1 - KYE System Corp.)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA (07/08/2015 1.3.34.3) (HKLM\...\A829BD9C3C124B61C7EC97D586DC44BCDD2BA3DD) (Version: 07/08/2015 1.3.34.3 - NVIDIA Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-09-2015 21:59:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
23-09-2015 08:50:46 JRT Pre-Junkware Removal
23-09-2015 18:49:58 DirectX wurde installiert
25-09-2015 07:51:36 ComboFix created restore point
25-09-2015 20:22:23 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-09-25 07:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {49E09468-55F4-46BE-A4EB-96929BCCCE5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {5A242E98-D91D-48C4-ACF5-245D8FA5E879} - System32\Tasks\Opera scheduled Autoupdate 1414591907 => E:\Programme\launcher.exe [2015-09-11] (Opera Software)
Task: {C631B07E-2EAE-4416-AEA0-8176F6DB5E63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FCA4F240-2A6C-4CCD-9C49-9E91D3711BDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {FEC32660-94CA-4022-9E27-EE51388CAB1D} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-27 22:03 - 2012-11-22 19:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-08-10 17:10 - 2014-08-10 17:10 - 00076032 _____ () E:\Programme\bin\TortoiseStub.dll
2014-08-10 17:10 - 2014-08-10 17:10 - 00088832 _____ () E:\Programme\bin\libsasl.dll
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A
AlternateDataStreams: C:\ProgramData\TEMP:A064CECC
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: AgentMonitor => E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: icq => C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Programme\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Programme\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "E:\Programme\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "G:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: wmagent.exe => "C:\Program Files (x86)\WebMoney Agent\wmagent.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{469700EB-FCEA-44E8-B1D9-DB7333A6E809}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{10AA2F31-200F-4EA5-B1C1-4FCB9EC2FED0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{501A6E02-1E9D-4F62-942A-3D52A511F1DB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{4192EB03-6510-4B8F-9FAA-BA8B39CDC8EB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{E2C7E35D-DC95-4D68-B109-88C7B6C593C4}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{68E14B5F-880D-4659-8557-0E3C434679BF}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{62E50759-7BA4-4C37-92CD-93F5D083F12C}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{F4D852E5-FE40-4C27-84F4-DB8C881AF883}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{B622E890-FBB4-44B2-8B18-A83C28192185}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3EAA1700-C6A5-44DD-B265-217C484524C6}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BD1BAFE4-5001-44C7-848B-161408CFAF81}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6E9803AE-8FCB-4C55-A998-BB7772B57283}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31337C8C-D50E-4697-9A43-E30DCE285F96}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{12FED024-5C4D-410F-9310-BAEA071A0D3F}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{DD8C143B-1CE8-4E7E-B8AE-A22BDA624EE5}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{185DFF5D-23AA-4020-BC79-EA17E368626E}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{DE9A4150-5946-4311-8439-1E5D8F7CF345}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{EFA3DA4E-F03F-4561-A9B9-7A227816C949}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{04D43B8C-44D1-464F-B870-3D0DB1A648A2}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{EF5F55C3-5B24-4184-90E5-8F53BB431912}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{C87127B8-902C-439B-B264-39B923CBE670}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{85DD0183-DEF4-401C-B315-6FBC5434B39C}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{3F70B08C-CDAF-4387-AFDD-8D24B1ACA58E}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{B4AC20C3-4EFB-4490-8FDA-FA71963ABAC0}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{5048DA5F-61E1-420C-BCC3-F4D0F1933C40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4FACEF2F-CF36-4B40-ACCE-DD666D73DF40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{86046C36-8AD2-4573-A274-A9CA72023006}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{448D9C83-3BB0-4FC0-94E5-C244361F92AF}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{FD9073B4-E3B6-4807-8684-0733F0BA42BE}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{099AECC8-EDEA-44EA-B7A8-506B7E2D257C}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6D7824D7-CBAA-4224-93B7-55C1FCF32218}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7C4BD3CA-02B8-4564-AF04-058D523239E9}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{C5804147-9758-46B3-A8A5-69A493BB2F97}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{C44FB3C9-C931-4DE5-B01C-15EE7FC189DA}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [TCP Query User{3C1B3A5B-E282-44F1-9615-6BFAB3B5B287}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{FB1B26A3-415C-4612-B04E-9781B9C328C5}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [{3729900A-3D45-4146-B67E-73A33C27D8CB}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{5D4012D4-8B5B-428C-B505-B4C53FBA6E20}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{99E5633F-F4CE-48D3-A7E4-77E56B271707}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{31B50993-FEBE-45B0-9AEF-E5551C5B3FBA}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{DFC0A3C3-5436-4905-8C7E-5ABF0AB4E38C}] => (Allow) E:\Programme\Phone\Skype.exe
FirewallRules: [{236860E2-B4CE-41FD-8167-038B843C7DDF}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{D31C17B0-6E9E-4DA8-880E-25EFE65FB608}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{0081B00B-1285-4799-B469-B088996257A1}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C5E57D91-BD20-4B0C-B402-57A90BB80BB4}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{E0EDF197-51E0-427B-92FD-A83AE0A87F4A}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [{CF2A2B0C-A131-40A8-9418-29FBBA9038C2}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [TCP Query User{B0706FC5-0E50-4D24-BE15-24DD06831EC9}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [UDP Query User{A3C2A3FD-9771-4BFA-AF48-E3BA77B4A7AF}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [TCP Query User{86FDB30A-04CE-4388-8346-DAAA17C4BD9B}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [UDP Query User{01E88954-3C24-4618-96A0-A209F64886F1}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [{BFF5E78F-F8C7-4A97-B545-9754DE0C58AA}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{E4E7C9E0-B0B3-4FDE-9FDA-E6D10CF3EB6B}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{CBE38E34-942E-48E4-B382-9FF77C584AB6}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{D623077D-8B43-4519-A6BC-897B69DB4AF1}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{726E3F0A-FC8A-4E9B-8C5E-1BC03FFBCCFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{BA3B3D39-F638-4ACD-90BF-A85C56C522E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{40D8898A-DDF7-4927-AAA0-CBF5661D27AB}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{DB1C8B5B-F6E6-4A5E-8990-A205B9B07FC0}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{EE32CE94-DAD5-47CA-A933-9FE4C82263E3}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4DDFACB8-40D9-4B03-9CD4-D03987C03D9C}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{1C0489F7-6479-4BD2-B1F0-508601751686}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFDAF23F-5253-4FA5-8C5A-46BD2ECC3644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4116DFE5-7D19-41FC-BAE9-334351D6C174}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BB218CF7-D117-4566-9642-D162E0EC3B74}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1C18E3B0-AA2D-4D6C-9139-C25B504482ED}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3B26F86F-E1CA-46FA-8B3E-75851534FDE6}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{9E597A75-C5FB-4FE7-89C1-436DEE332994}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{A28D56C4-0F9F-46E1-8069-F80C78C1D861}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4D4E7B1A-FD22-4029-8794-A8C92ECF82D1}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{E9D376D3-0C70-4032-B6F9-4CC4ABD76054}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{0594F98F-BE7C-4D70-8D4C-C33D7CD8F6CF}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{E22AE42D-C595-44A2-BD20-FFECA2FD516D}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{EF88F882-A007-42AE-9E89-8916B47EFCFA}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{0FE39CF8-3598-4461-8AC6-4BB8FFDDB862}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{55549C5A-E7EC-4221-8986-C617B9CA510C}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{3E1444A2-3E2A-4DCB-BB89-3EEABF53C965}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AA6EF5D8-7B49-4908-A7BD-C403DFCA36B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C8E8815-0343-4BB0-95E4-EB340E7F0FC1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E384EDE4-2B23-405D-976F-266E0843D52E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E6A08E7F-B1A7-41D5-915E-5F983B71A505}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C33555EF-2C96-4AFD-81AE-0C7E0B7273AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{F9A2CB34-BB2B-45A2-869B-04393EE9655C}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{BDD53416-092C-45D4-B3D0-C046FB284E9C}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{896C8CDE-A2EB-43A0-A7E8-FE2F5B022A5F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{36698429-04AB-43D1-9ABB-B846E6C72413}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{07450FE0-A06F-454F-8E72-34BFCC729B60}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{64E8CBF2-3B5D-44A8-B811-18603DF94678}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{97267A96-EB36-4C93-9655-17C9BFB8565D}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{DC197DF6-94BB-461D-8DA2-87176184EB1E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{D0734B75-D0B1-47DB-AC83-F642C4D8B6E2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{8A926EB7-B9FF-4941-86CD-5E93F7CDAD73}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{6CE51235-3C2A-471C-B32C-AE201A66A1C8}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{68F5F57D-6FA1-4D51-8271-97B995AFEC39}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{FF30B938-FDD2-468F-A702-A6B0EE1AF253}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{82177C2F-BE3C-40B0-92E7-171FF6CB2719}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{D8560D93-28AB-43F5-96A0-41950511A3DF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{E9A703F9-C97B-4F06-858C-3C27FCDB528F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{17E78BEA-A303-41DF-A542-A16AEC94705E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{EC34A1A5-5E2A-4568-8987-75E2B9199969}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{AE0E5C3C-2957-413D-9AD8-A9D02DD57C56}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{51197A25-6D2D-4DA3-BAA8-B3FD460D6C15}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{73F0ACC2-F475-4893-87F6-D724E25F86E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{CE19E947-1140-494E-AADD-ED03EFFF5068}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{7371034F-C0B3-4631-BBE1-CEC88BA70DBB}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{3B0A9B1D-8C21-4931-937A-4B57D8FAA069}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{692AFE0B-9306-46D7-9ADA-F0C4388CDD2A}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{9D7B0ED1-4D82-4EB1-B455-BC5E0E9C81B7}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C3D63568-322B-4791-8E91-E4CEF2897C8F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{DBE8E815-5978-4F38-93BF-BCCAEF04AB47}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{012DF085-8B77-4569-90A7-246FAFA02227}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [TCP Query User{90F67090-8FB3-49EF-B508-8DE1388AF080}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [UDP Query User{3F4209B8-277E-479F-9C36-693D597450FC}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [{BB656002-1732-41D6-9E1A-A229B586C015}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{577A6465-B43E-4563-AC75-7D02C005CEF9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{42B33F5E-9100-4AC7-9E75-3F5A4C138193}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{CA065EF0-8C86-4105-B913-5ECFF06EC9A1}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{FA2915A2-D7CE-4894-B98E-FCDCF2E711B9}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{EAE8A57F-277E-4704-AB65-D214F3DAADDC}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{C75A35E5-937E-4A21-A1C0-141259B95C60}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{06579E57-FA2D-48EA-A8E2-A5A08EB8C7C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D611ED8C-884D-44AF-843A-E581F6788740}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{60226BF8-89EB-4277-9A29-AA928CE0E752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{9AF028BA-C5A6-4A7E-90C8-714AF431B3F9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{D88D3576-1D00-44AB-A66C-C5D22EF1C4AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{9757EAC9-7321-4C5C-A84D-E2F17FD15885}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{DABAA092-316D-4B1B-A4C5-55BD008EDDFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{94D54AC0-7B3E-4C7C-B2E4-E7C463752983}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{9EC25746-EE9F-4AB1-95C9-49D9C72A30C3}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{671A3C3F-7F88-47F6-B5AE-62EAEEBD3C41}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{9252C5E1-D9E3-40D2-BB56-D94DF24E46F1}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{8B302CD0-2267-41B2-8D40-7E2CAADFF9BE}] => (Allow) LPort=80
FirewallRules: [{B826BDB5-F573-4D7D-B662-34F0308B73BB}] => (Allow) LPort=443
FirewallRules: [{B3484C71-E574-4EB8-90E6-7292D080C939}] => (Allow) LPort=20010
FirewallRules: [{23A0AF88-1EC2-4E93-97C6-92EDC734275A}] => (Allow) LPort=3478
FirewallRules: [{4652B566-36C4-4AD5-82DE-7F596C40FF14}] => (Allow) LPort=7850
FirewallRules: [{6A5C3FD7-03D4-46C0-8989-E4C87660F0FA}] => (Allow) LPort=7852
FirewallRules: [{41CD6180-FEE9-49B1-AAAC-F4B938C873F3}] => (Allow) LPort=7853
FirewallRules: [{794CC770-6A8E-4102-B9F6-90760CA5E53A}] => (Allow) LPort=27022
FirewallRules: [{E287722C-0D49-40DB-BFC1-EB9783A66223}] => (Allow) LPort=6881
FirewallRules: [{F7AF9C60-9CD4-4637-94CB-0A7709E979DA}] => (Allow) LPort=33333
FirewallRules: [{5F04EC02-5D23-4638-A914-F5776765DB9D}] => (Allow) LPort=20443
FirewallRules: [{0985DE53-D57C-46CC-85D2-DC62C4387672}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{5C8A1F4A-3B16-4DF7-8058-BECFA1B8789A}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{F657CF06-8F1F-4A3E-A757-08EED07A913E}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [{D63FA105-6B66-4A39-92C7-DDF6CA5C4024}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5015243C-07BF-4F58-8F7B-6D5D0C470883}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7D8AE61B-9F3C-41AA-8CEF-8FFF97F43953}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{50F7FCDC-56F9-4E3A-8810-4C0124A7BBB3}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{6573FBC3-B55C-42BB-B243-7814F9E84BD4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{D577D25C-DFDD-443E-8946-897B07FA8FD0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{EF69610D-0D26-4023-95DC-62F55972F236}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{2D8CC5D5-7A5B-4145-A18E-3CD90129D4D0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{21D82907-A142-4C43-B993-E70E02C98FA1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{45E26189-877F-41D4-AC1D-0DE1C3134D21}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{44696DB8-6BBA-4B24-9DBC-B6BB470AD8C1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{E57BE1D3-F7DA-4AC1-AC1B-DA8A429A4B46}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{336957FF-6409-4840-8057-1BF1FFE7B4EE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{E0508657-9279-460D-B382-38E12AF3A6A2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{9A5A84A8-2C6C-43DD-B475-E0201CA1F933}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{3031C719-BFA5-42E9-B3BB-C7B465F2DE6A}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{DBFAAA8A-047C-4416-A6CE-8DFE70693967}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B28332D7-48EC-47C8-B3A1-BDA7F494D938}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{019B55D5-A6E2-4096-87B7-B64E3FF304D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D67ADC62-A9C1-4F0D-BF87-65E728125074}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{477D1E92-9304-463B-ACA2-1AC1EEAC65F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C450097-D3D7-4C8C-9118-6A4E1C66F00D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3524F0D0-B446-4458-966E-7DEED183B179}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{1ECA58DF-2322-4005-812A-ADDD221A9C5F}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{5CC91905-E503-4A2D-9F7C-63B254AF22C6}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{317C46C1-019F-4752-94E7-90EDF8C5FFD2}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{851073F2-981E-490F-B2C1-2A72DC0754A9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9C21D684-A7DC-482A-8223-E49E86C7E121}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5E392CA8-6353-4918-9AA8-1BFDB35CBA31}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{87F282A9-6898-461C-A54B-568C6685257C}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{44B70246-4A5D-4EDE-871E-11D57BB5CD1B}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{187D8768-D99B-4679-A1FC-9622286D01D9}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{8E53FC88-DE40-4360-A660-7FFEED247DDA}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [UDP Query User{D9A63C25-F253-48B6-8B84-C4ED443ED50D}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [{1C8DD052-70FA-4C53-8E7B-3085A98CC7D8}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{68862417-BE3E-4238-A064-1CBD6B64BD5C}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [TCP Query User{8810F88E-EA63-454B-9AB5-850C5F5BA353}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{FCC6148C-0F8F-4704-9248-599C56274212}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A21260B1-2366-4C48-9BD7-73F60185429F}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5980A259-2D0B-4464-A62B-EDFB8BCD8E1A}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3F05D33F-1CB2-4A2B-BF44-2D6A54CE58D8}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{40357622-4CDA-4982-85A9-0924B7036C72}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{AD770DCA-CA6B-44E2-8347-5EF11394E93A}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{2B7F8145-91DC-49AA-BFE6-7CD894B9C053}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{3AE09DEC-5873-4FA7-9E55-819D8773AD00}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{678EE611-8A3C-4716-8608-365FF638CB98}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{49AD51AE-47CC-4FCA-AEF0-E4980BBB02AD}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{07600EED-618F-405B-83A2-401EC86B0258}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{71AC4F25-4025-4CD2-B675-0BB5A669340A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BAA4A271-5CEF-4DF1-88AB-84554F889480}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12883DBB-A986-4E61-BCD9-904460E2EDBC}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{7BB7171E-275C-4A16-AD32-251F95766752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{84CEF928-C8CA-4FE9-81AC-F030092BE4F3}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{A959B973-1616-4821-8648-6648F9B9C88D}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{153234FE-55FF-4B21-B15A-1060C895832F}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{5421331D-8009-49D5-BF36-B162F42F012C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{38731E9A-1B8E-4ABC-9704-E5228045151D}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{4B9F2722-ED70-42E5-94D7-38A3134BBCEB}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{8353B975-45EE-4A25-A62A-4A1D7BF8171F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BE350B53-3B1B-4F7F-81EF-6404815BD5FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{41D16874-03E3-4F8F-B782-48359C851559}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6816F2C2-16CE-4941-9AED-D3AA4A48FC43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BC950947-88A0-4867-9A28-5CD6E73895F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{240F29D4-4633-472C-9106-8EDCE0F19CDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{665D62D4-6BAA-4A2B-8060-494074669DC8}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{3F3EB211-F12D-4273-8908-A1C217FD9C0C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{58603FFA-13C9-4C94-AB40-4C3A8057431E}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{B1E5FFDA-F30A-4EFE-A49F-5898D7F59FE5}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{E76A9D1A-2B08-4146-8E8B-479F49FE12BF}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{318690D5-33ED-4041-BB60-8F57E2EDB6B2}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{DCD0139A-F67A-431C-A988-C4FE9378D7EB}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{400DBCF0-4097-44ED-A4E9-D33CE848C4FC}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{0B44C3D0-DF47-41CA-8437-6094FD4E26B5}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [TCP Query User{D132AC5F-8263-4633-8357-FD85E49CBD8D}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [UDP Query User{F6D5BE04-57CD-4E78-BDF6-FF054CBD3520}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A9F9D9DF-ECB3-439C-968F-A24B1DDADCCF}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{7C72DC4E-4D1A-4CB6-AAA3-5F2E65F25D33}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A288564D-2987-496C-BF68-A2F57263E8F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{320DEA70-B918-4645-B3F1-9BB528F5733A}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AE70FC3C-8C1D-489B-A052-5F37DD3C77DB}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{EB1717CF-76F7-42D0-9DC7-120E9A03A28D}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{D499C005-B9ED-4292-A84B-CCB611A7DF8E}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{157F83A7-AA37-4213-B1E2-55DDD7FC8E01}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2794423D-4DE3-48E1-A336-0751C3A70EE8}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6713182E-3829-493F-911B-430C9142A079}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [UDP Query User{93C4FB1B-388D-444A-9F7E-65E58FAF563C}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{02804247-6D60-4DD4-9245-40E93EADD60F}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{E4E45934-4172-4B3E-887E-0423F9262259}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{C8BBE54A-C10F-4259-AA49-890DC535062F}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{F3E7E183-8A7B-4B62-A669-EE9677F12E05}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{B032E1F6-9C50-4FC1-860C-F8052A44ADFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0038F24F-6388-4720-AEF3-E9EE6FB8D455}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73BEBA49-DB73-477A-B0D5-CA0F27364DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A2A7DB1D-D762-465F-9FDC-76CD74628DBC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3DD750CF-8954-4130-BE61-5F59B0945CAB}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1C84F5A1-FF5A-4693-9BAA-D282AEC77CE1}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1E9C6C22-526E-4051-AC1A-09C3294D46B4}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{94085C37-76C4-48D8-8BEB-33CD07094E33}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{A4357C21-47A6-435A-9B2D-EDF91DA34842}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{A6D98CFE-B9EC-45D3-9D6B-09E2E91788F2}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{28E135A7-BF31-420A-BE30-A3BDC7CCD8BC}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{8A5146BD-4430-459C-B54B-B50BDE4B72E5}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{5EFD41A9-6CA9-412C-9F8E-2B655E362D97}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{D270705D-94A4-4019-A5C5-3C5E5DD92753}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{33B89147-AF5A-44BF-86E1-5E04CD8B642E}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1FE4459A-19C4-4639-9510-EBF7E590EF08}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{D58D67FD-46AF-477D-BA2C-4BE69A3DD8A8}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0FCBC00F-3737-4C1F-8BDA-2DECA6F7FCB2}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0BCE6888-FB4E-4A52-B377-C4750B8EB6A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{B8BBA82C-C8C0-4D82-B0B5-93090AE1D7A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{8F904627-E678-43B5-84D5-303E3738AF54}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C7331155-86D3-4EF0-B339-F480A21D5C67}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{A75ABEFA-A860-424A-9363-B7FEA54E1087}E:\origin spiele\fifa 16\fifa16.exe] => (Allow) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{5503557A-507B-4C15-B570-00B712765B87}E:\origin spiele\fifa 16\fifa16.exe] => (Allow) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [{1704052B-C309-48DA-9CC1-2A029D3333A8}] => (Block) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [{6CB02185-D6AC-48A9-BF2C-58EE81438227}] => (Block) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [{8495D77E-D725-4B79-94AD-95D947A7932D}] => (Allow) LPort=49208
FirewallRules: [{8FEA6859-E0B6-4CBC-A1A8-90EE5339FAE8}] => (Allow) LPort=5000
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/25/2015 08:20:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/25/2015 08:03:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0x265c
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Error: (09/25/2015 07:57:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/25/2015 01:07:26 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (09/25/2015 07:58:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/25/2015 07:49:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/24/2015 06:32:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (09/24/2015 05:34:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Origin.exe, Version 9.8.3.59237 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 23b8
Startzeit: 01d0f6963da0847f
Endzeit: 8
Anwendungspfad: G:\Gamez!\Origin\Origin.exe
Berichts-ID: c9213c4b-62d1-11e5-87ea-406186c7db28
Error: (09/24/2015 05:22:52 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (09/24/2015 07:44:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Systemfehler:
=============
Error: (09/25/2015 08:24:50 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (09/25/2015 08:22:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "RzSurroundVADStreamingService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 08:22:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 08:22:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 08:22:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-09-25 07:56:23.570
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-09-25 07:56:23.537
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:54.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:54.658
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.800
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.777
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.374
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.349
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.558
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 12279.11 MB
Verfügbarer physikalischer RAM: 10076.77 MB
Summe virtueller Speicher: 24556.43 MB
Verfügbarer virtueller Speicher: 22188.36 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:27.32 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: () (Fixed) (Total:488.28 GB) (Free:45.23 GB) NTFS
Drive f: () (Fixed) (Total:244.14 GB) (Free:244.04 GB) NTFS
Drive g: () (Fixed) (Total:518.26 GB) (Free:32.61 GB) NTFS
Drive i: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive j: (32 Bit Windows) (Fixed) (Total:146.48 GB) (Free:146.35 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E1D5A341)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 11E3F74A)
Partition 1: (Not Active) - (Size=878.9 GB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=518.3 GB) - (Type=42)
==================== Ende von Addition.txt ============================
|
|
26.09.2015, 19:30
| #8 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhaltenESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.09.2015, 11:15
| #9 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Mail Name und Antwortadresse wurden bisher nicht mehr verändert. Spm Mail ging am Sonntag Morgen anscheind erneut raus, habe zumindest eine auf meine eigene Adresse bei web.de erhalten.Vielleicht kam die aber auch verzögert an das kann ich nicht genau beantworten. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5723229968646542902ad7913b79fde8
# end=init
# utc_time=2015-09-28 06:26:09
# local_time=2015-09-28 08:26:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25970
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5723229968646542902ad7913b79fde8
# end=updated
# utc_time=2015-09-28 06:29:09
# local_time=2015-09-28 08:29:09 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5723229968646542902ad7913b79fde8
# engine=25970
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-09-28 10:00:52
# local_time=2015-09-28 12:00:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 85 28901971 195064302 0 0
# scanned=884053
# found=1
# cleaned=0
# scan_time=12703
sh=B6EFA8979F642ED5DBFB2E49FA26A819C870D9D5 ft=1 fh=32ad7efb20089ce7 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WSE_Vosteran\uninstall.exe.vir"
Code:
ATTFilter Results of screen317's Security Check version 1.008
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Java 8 Update 60
Adobe Flash Player 19.0.0.185
Adobe Reader XI
Mozilla Firefox 38.0.5 Firefox out of Date!
Mozilla Thunderbird (38.2.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Avira Antivirus sched.exe
Avira Antivirus avshadow.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von nunuc (Administrator) auf NUNUC-PC (28-09-2015 12:10:30)
Gestartet von C:\Users\nunuc\Desktop
Geladene Profile: nunuc (Verfügbare Profile: nunuc)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Akamai Technologies, Inc.) C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(hxxp://tortoisesvn.net) E:\Programme\bin\TSVNCache.exe
(Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Microsoft Corporation) C:\Windows\System32\drvinst.exe
(Microsoft Corporation) C:\Windows\System32\drvinst.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-25] (Realtek Semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.)
HKLM-x32\...\Run: [KrakenLauncher] => C:\Program Files (x86)\Razer\Razer_Kraken_Driver\Drivers\SysAudio\KrakenHelper.exe [1599808 2015-02-03] (Razer Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [Akamai NetSession Interface] => C:\Users\nunuc\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 07 C:\Windows\SysWOW64\PrxerNsp.dll [56424 2014-10-27] ()
Winsock: Catalog5-x64 07 C:\Windows\system32\PrxerNsp.dll [57448 2014-10-27] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2E30CE6D-2814-45C8-9ECF-03DA74E40094}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{944EE6F6-5E54-4262-A1C0-FDEBC3062000}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-31] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-31] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-31] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-11-26] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2403208828-1726898586-2912756724-1000: @hola.org/vlc,version=1.8.103 -> C:\Users\nunuc\AppData\Local\Hola\firefox\app\vlc Keine Datei
FF Extension: flash service plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{bc3bf693-8105-4984-aceb-f016e61280b7}.xpi [2015-06-27]
FF Extension: Adblock Plus - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\8ga7h27d.default-1422721195637\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-04-15]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2015-06-03]
FF HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\nunuc\AppData\Roaming\Mozilla\Firefox\Profiles\po6pma7g.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Launcher.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (BlueStack Systems, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [175136 2014-09-30] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3493744 2015-01-13] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; G:\Gamez!\Origin\OriginClientService.exe [2057736 2015-09-02] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-09-13] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-09-12] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4254720 2015-07-29] (A-Volute) [Datei ist nicht signiert]
S3 SandraAgentSrv; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe [73200 2015-07-06] (SiSoftware) [Datei ist nicht signiert]
S3 SDScannerService; E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S2 SkypeUpdate; E:\Programme\Updater\Updater.exe [327296 2015-07-09] (Skype Technologies)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2015-04-23] (Advanced Micro Devices, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-25] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-25] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 JmUsbCcgp; C:\Windows\System32\DRIVERS\jmccgp.sys [17136 2009-07-29] (JMicron Technology Corp.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-07-29] (Windows (R) Win 7 DDK provider)
S3 SANDRA; E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-25] (Synaptics Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CFCOGJUTSSHKETKV; \??\C:\Windows\TEMP\CFCOGJUTSSHKETKV [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TIYIXIYEHUDMXJJ; \??\C:\Windows\TEMP\TIYIXIYEHUDMXJJ [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-28 12:10 - 2015-09-28 12:10 - 00022646 _____ C:\Users\nunuc\Desktop\FRST.txt
2015-09-28 12:10 - 2015-09-28 12:10 - 00000921 _____ C:\Users\nunuc\Desktop\checkup.txt
2015-09-28 08:25 - 2015-09-28 08:25 - 00852704 _____ C:\Users\nunuc\Desktop\SecurityCheck.exe
2015-09-28 08:25 - 2015-09-28 08:25 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-28 08:24 - 2015-09-28 08:24 - 02870984 _____ (ESET) C:\Users\nunuc\Desktop\esetsmartinstaller_deu.exe
2015-09-25 20:24 - 2015-09-25 20:24 - 00000709 _____ C:\Users\nunuc\Desktop\JRT.txt
2015-09-25 20:20 - 2015-09-25 20:20 - 00000872 _____ C:\Users\nunuc\Desktop\AdwCleaner[C3].txt
2015-09-25 20:17 - 2015-09-25 20:17 - 00001208 _____ C:\Users\nunuc\Desktop\mbam.txt
2015-09-25 20:16 - 2015-09-25 20:16 - 00001208 _____ C:\mbam.txt
2015-09-25 20:05 - 2015-09-25 20:05 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-09-25 20:04 - 2015-09-25 20:04 - 01798976 _____ (Malwarebytes) C:\Users\nunuc\Desktop\JRT.exe
2015-09-25 20:03 - 2015-09-25 20:04 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\nunuc\Desktop\mbam-setup-2.1.8.1057.exe
2015-09-25 20:03 - 2015-09-25 20:04 - 01662976 _____ C:\Users\nunuc\Desktop\AdwCleaner_5.008.exe
2015-09-25 08:04 - 2015-09-25 08:04 - 00038390 _____ C:\ComboFix.txt
2015-09-25 07:51 - 2015-09-25 08:04 - 00000000 ____D C:\Qoobox
2015-09-25 07:51 - 2015-09-25 08:03 - 00000000 ____D C:\Windows\erdnt
2015-09-25 07:51 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-09-25 07:51 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-09-25 07:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-09-25 07:51 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-09-24 09:06 - 2015-09-24 09:16 - 00000000 ____D C:\Users\nunuc\Documents\FIFA 16
2015-09-24 08:29 - 2015-09-28 12:10 - 00000000 ____D C:\FRST
2015-09-24 08:06 - 2015-09-24 08:06 - 02192384 _____ (Farbar) C:\Users\nunuc\Desktop\FRST64.exe
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Command and Conquer Red Alert 2
2015-09-23 18:50 - 2015-09-23 18:50 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-23 15:53 - 2015-09-23 15:53 - 00249946 _____ C:\Users\nunuc\Desktop\bookmarks23092015.html
2015-09-23 15:53 - 2015-09-23 15:53 - 00100269 _____ C:\Users\nunuc\Desktop\bookmarks-2015-09-23.json
2015-09-23 15:47 - 2015-09-23 15:50 - 00000000 ____D C:\Users\nunuc\Desktop\Neuer PC
2015-09-23 13:01 - 2015-09-23 13:01 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-23 08:34 - 2015-09-25 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-09-25 20:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-09-23 08:34 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-23 08:34 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-23 08:23 - 2015-09-23 08:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-23 08:22 - 2015-09-25 20:17 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-23 08:22 - 2015-09-24 10:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-09-23 08:05 - 2015-09-23 08:05 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\QuickScan
2015-09-22 22:00 - 2015-09-22 22:00 - 00000669 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-09-22 22:00 - 2015-09-22 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16
2015-09-21 08:26 - 2015-09-21 08:26 - 00000000 ____D C:\Users\nunuc\Desktop\trophy
2015-09-20 10:45 - 2015-09-20 10:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-09-14 10:41 - 2015-09-14 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-14 09:54 - 2015-09-14 09:54 - 00000000 ____D C:\Program Files (x86)\Skype
2015-09-13 17:25 - 2015-09-25 07:57 - 00002722 _____ C:\Windows\PFRO.log
2015-09-13 10:43 - 2015-09-13 10:43 - 00076152 _____ C:\Windows\system32\PnkBstrA.exe
2015-09-12 19:09 - 2015-09-12 19:09 - 00000000 ____D C:\Users\nunuc\AppData\Local\ESN
2015-09-12 18:58 - 2015-09-12 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2015-09-12 18:57 - 2015-09-23 18:50 - 00036946 _____ C:\Windows\DirectX.log
2015-09-11 18:16 - 2015-09-11 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2015-09-11 18:16 - 2011-09-09 11:28 - 00007748 _____ C:\Windows\system32\athrextx.cat
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2015-09-11 18:16 - 2011-04-11 17:35 - 01579520 _____ (Atheros Communications, Inc.) C:\Windows\system32\athrx.sys
2015-09-11 18:15 - 2015-09-11 18:16 - 00000000 ____D C:\temp
2015-09-10 17:14 - 2015-09-10 17:14 - 00000000 ____D C:\Users\nunuc\Documents\SimCity
2015-09-10 17:11 - 2015-09-10 17:11 - 00000776 _____ C:\Users\Public\Desktop\SimCity™.lnk
2015-09-10 17:11 - 2015-09-10 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\PopCap Games
2015-09-10 16:32 - 2015-09-10 16:32 - 00000000 ____D C:\ProgramData\EA Core
2015-09-10 16:23 - 2015-09-10 16:23 - 00000000 ____D C:\Users\nunuc\AppData\Local\Ubisoft
2015-09-04 21:45 - 2015-09-14 10:43 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\NVIDIA
2015-09-03 16:06 - 2015-09-03 16:09 - 00007564 _____ C:\Windows\DPINST.LOG
2015-09-03 16:06 - 2015-09-03 16:06 - 00000000 ____D C:\Program Files\DIFX
2015-09-03 16:06 - 2015-07-15 17:20 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-09-03 16:06 - 2015-07-15 17:20 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-09-03 16:06 - 2015-04-23 21:19 - 00065248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2015-09-03 16:06 - 2010-09-07 04:37 - 00121432 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2015-09-03 16:06 - 2009-07-29 20:26 - 00614000 _____ (JMicron Technology Corp.) C:\Windows\system32\jmccgpInst.dll
2015-09-03 16:06 - 2009-07-29 20:26 - 00017136 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jmccgp.sys
2015-09-03 16:03 - 2015-09-03 16:04 - 00000000 ____D C:\ProgramData\BSD
2015-09-03 06:53 - 2015-09-28 08:17 - 00005143 _____ C:\Windows\setupact.log
2015-09-03 06:53 - 2015-09-03 06:53 - 00000000 _____ C:\Windows\setuperr.log
2015-09-02 17:25 - 2015-09-02 17:25 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-09-02 17:25 - 2015-09-02 17:25 - 00000000 ____D C:\Program Files\CCleaner
2015-09-02 14:16 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-02 14:16 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Sun
2015-08-31 13:55 - 2015-08-31 13:55 - 00000000 ____D C:\Users\nunuc\.oracle_jre_usage
2015-08-31 13:32 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\dG5XucIXHTsYgekuS.exe
2015-08-31 13:32 - 2014-11-01 01:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\ECHOUoP39ABAwawqOw2K.exe
2015-08-31 13:04 - 2015-08-31 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-28 12:10 - 2015-08-23 16:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-28 12:08 - 2014-10-27 17:53 - 01069390 _____ C:\Windows\WindowsUpdate.log
2015-09-28 08:33 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-28 08:33 - 2009-07-14 06:45 - 00035328 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-28 08:23 - 2014-10-28 02:44 - 00700470 _____ C:\Windows\system32\perfh007.dat
2015-09-28 08:23 - 2014-10-28 02:44 - 00150108 _____ C:\Windows\system32\perfc007.dat
2015-09-28 08:23 - 2009-07-14 07:13 - 01624106 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-28 08:18 - 2014-10-27 21:56 - 00000000 ____D C:\Users\nunuc\AppData\Local\TSVNCache
2015-09-28 08:17 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-28 08:17 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-25 20:19 - 2015-05-08 11:15 - 00000000 ____D C:\AdwCleaner
2015-09-25 19:41 - 2014-10-27 18:31 - 00000000 ____D C:\Users\nunuc\AppData\Local\Battle.net
2015-09-25 10:53 - 2014-10-27 21:18 - 00000000 ____D C:\ProgramData\Origin
2015-09-25 08:04 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-09-25 08:02 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-09-25 01:56 - 2015-08-16 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-25 01:55 - 2015-08-16 10:22 - 00163544 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-09-25 01:55 - 2015-08-16 10:22 - 00074952 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-09-24 10:44 - 2014-11-02 19:08 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\vlc
2015-09-23 18:50 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-23 08:51 - 2015-05-25 13:51 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\IObit
2015-09-22 22:00 - 2014-10-27 18:15 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-22 18:30 - 2015-06-13 12:04 - 00000000 ____D C:\Users\nunuc\AppData\Local\Akamai
2015-09-21 23:10 - 2015-08-23 16:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 23:10 - 2014-10-27 18:53 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 23:10 - 2014-10-27 18:53 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-17 14:22 - 2014-10-29 16:11 - 00003820 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1414591907
2015-09-17 06:54 - 2014-11-15 12:47 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Skype
2015-09-14 09:54 - 2014-11-15 12:47 - 00000000 ____D C:\ProgramData\Skype
2015-09-13 17:25 - 2014-11-29 23:29 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-09-13 10:43 - 2014-11-29 23:28 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-09-13 10:34 - 2014-11-29 23:28 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-09-12 18:58 - 2014-11-29 23:28 - 00076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-09-11 18:16 - 2014-10-27 17:55 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-11 18:14 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-09-11 18:11 - 2014-11-30 16:16 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-09-10 16:25 - 2015-07-17 19:04 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Awesomium
2015-09-10 16:24 - 2014-11-04 22:06 - 00000000 ____D C:\Users\nunuc\Documents\my games
2015-09-10 16:24 - 2014-10-27 21:28 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-09-10 08:48 - 2015-06-25 15:57 - 00000000 ____D C:\ProgramData\TEMP
2015-09-04 14:52 - 2015-01-02 22:39 - 00000000 ____D C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-09-03 18:21 - 2015-06-25 20:16 - 00000000 ____D C:\Users\nunuc\Documents\Euro Truck Simulator 2
2015-09-03 16:04 - 2009-07-14 04:34 - 00000466 _____ C:\Windows\win.ini
2015-09-02 17:30 - 2014-11-02 18:21 - 00000000 ____D C:\Windows\Minidump
2015-09-02 17:30 - 2014-10-28 02:46 - 00000000 ____D C:\Windows\Panther
2015-09-02 14:16 - 2014-10-27 18:11 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-01 07:16 - 2014-10-27 21:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-31 15:05 - 2014-10-27 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-31 13:56 - 2015-06-17 08:29 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-31 13:56 - 2015-01-09 14:33 - 00000000 ____D C:\ProgramData\Oracle
2015-08-31 13:55 - 2015-06-17 08:30 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-31 13:55 - 2014-10-27 17:53 - 00000000 ____D C:\Users\nunuc
2015-08-31 13:04 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iTunes
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\iPod
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-31 13:03 - 2015-04-04 22:01 - 00000000 ____D C:\Program Files (x86)\iTunes
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-14 10:42 - 2015-07-04 11:29 - 14548992 _____ () C:\Users\nunuc\AppData\Roaming\Sandra.mdb
2015-08-17 23:12 - 2015-08-17 23:12 - 0000058 _____ () C:\Users\nunuc\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2015-04-14 23:14 - 2015-04-14 23:14 - 0011670 _____ () C:\Users\nunuc\AppData\Local\Temp-log.txt
2015-04-14 23:14 - 2015-04-14 23:14 - 0000000 _____ () C:\Users\nunuc\AppData\Local\Temp.dat
2014-10-27 21:22 - 2014-10-27 21:22 - 0012294 _____ () C:\ProgramData\mptmqteo.hmi
Einige Dateien in TEMP:
====================
C:\Users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
C:\Users\nunuc\AppData\Local\Temp\avgnt.exe
C:\Users\nunuc\AppData\Local\Temp\proxy_vole2582185970789966619.dll
C:\Users\nunuc\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
nointegritychecks: ==> "IntegrityChecks" ist deaktiviert. <===== ACHTUNG
LastRegBack: 2015-09-21 04:35
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von nunuc (2015-09-28 12:10:58)
Gestartet von C:\Users\nunuc\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-10-27 15:53:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2403208828-1726898586-2912756724-500 - Administrator - Disabled)
Gast (S-1-5-21-2403208828-1726898586-2912756724-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2403208828-1726898586-2912756724-1002 - Limited - Enabled)
nunuc (S-1-5-21-2403208828-1726898586-2912756724-1000 - Administrator - Enabled) => C:\Users\nunuc
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch)
Canon MX370 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX370_series) (Version: - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.5.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.39 - Abelssoft)
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
Dying Light (HKLM-x32\...\Steam App 239140) (Version: - Techland)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.0.3.0 - Electronic Arts)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
How to Survive (HKLM-x32\...\Steam App 250400) (Version: - )
ICQ 8.2 (build 7138) (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\ICQ) (Version: 8.2.7138.0 - ICQ)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.59.0 - JMicron Technology Corp.)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
MagNets (HKLM-x32\...\Steam App 343020) (Version: - Total Monkery)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mortal Kombat X (HKLM-x32\...\Steam App 307780) (Version: - NetherRealm Studios)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.2.0 - Mozilla)
Mozilla Thunderbird 38.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.2.0 (x86 de)) (Version: 38.2.0 - Mozilla)
My Game Long Name (HKLM\...\UDK-41bc4b7c-2764-48ed-9c45-50a4bfd13797) (Version: - Epic Games, Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH)
PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version: - )
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Screenshot Captor 4.12.0 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - )
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SiSoftware Sandra Lite 2015.SP2b (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.42.2015.7 - SiSoftware)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version: - Raven Software)
Star Wars Jedi Knight: Dark Forces II (HKLM-x32\...\Steam App 32380) (Version: - LucasArts)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version: - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version: - LucasArts)
Star Wars Starfighter (HKLM-x32\...\Steam App 32350) (Version: - LucasArts)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version: - LucasArts)
Star Wars: Empire at War Gold (HKLM-x32\...\Steam App 32470) (Version: - Petroglyph)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version: - BioWare)
Star Wars: Knights of the Old Republic II (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Star Wars: The Force Unleashed Ultimate Sith Edition (HKLM-x32\...\Steam App 32430) (Version: - LucasArts)
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
System Requirements Lab (HKLM-x32\...\{0F659036-14C7-4622-9505-35A0DC93526A}) (Version: 6.1.3.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TAXMAN 2015 (HKLM-x32\...\{5613CAD3-71ED-4207-95A0-1BA0BF465E38}) (Version: 20.31.151 - Haufe-Lexware GmbH & Co.KG)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
TL-WN881ND Driver (HKLM-x32\...\{B512F025-E992-44D0-B1F4-D6E1D3339C80}) (Version: 1.0.0 - TP-LINK)
TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)
TOXIKK (HKLM-x32\...\Steam App 324810) (Version: - Reakktor Studios)
Unreal Tournament 3: Black Edition (HKLM-x32\...\Steam App 13210) (Version: - Epic Games, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VTech Download Manager (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
War Thunder Launcher 1.0.1.502 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment)
WebMoney Agent (HKLM-x32\...\WebMoney Agent) (Version: 3.5 - Softomate)
WebMoney Keeper WinPro 3.9.9.5 (HKLM-x32\...\{6D9A7CEE-054A-437D-99EF-DD7C77E001FD}) (Version: 3.9.9.5 - WM Transfer Ltd.)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - AMD (amdkmpfd) System (02/12/2015 15.20.0.0000) (HKLM\...\708AE871DE4DE98C022B914117B48025341D07B8) (Version: 02/12/2015 15.20.0.0000 - AMD)
Windows Driver Package - JMicron (usbccgp) USB (07/28/2009 1.0.4.2) (HKLM\...\D3AAF0E65D8B1D5934711D3312BF76371DB14E42) (Version: 07/28/2009 1.0.4.2 - JMicron)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (08/10/2010 1.17.58.2) (HKLM\...\71DF76D3EFF8F1319B88DD518F44AF13B27C3193) (Version: 08/10/2010 1.17.58.2 - JMicron Technology Corp.)
Windows Driver Package - JMicron Technology Corp. (JRAID) SCSIAdapter (09/07/2010 1.17.59.0) (HKLM\...\D5496DF7336192E7F4E7313CE7DC86830DFBD406) (Version: 09/07/2010 1.17.59.0 - JMicron Technology Corp.)
Windows Driver Package - KYE System Corp. (ioFakMap) HIDClass (09/09/2013 6.3.0.1) (HKLM\...\2D411C1C731F85B0AE8A713F3C27A67932A89369) (Version: 09/09/2013 6.3.0.1 - KYE System Corp.)
Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA (07/08/2015 1.3.34.3) (HKLM\...\A829BD9C3C124B61C7EC97D586DC44BCDD2BA3DD) (Version: 07/08/2015 1.3.34.3 - NVIDIA Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-09-2015 21:59:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
23-09-2015 08:50:46 JRT Pre-Junkware Removal
23-09-2015 18:49:58 DirectX wurde installiert
25-09-2015 07:51:36 ComboFix created restore point
25-09-2015 20:22:23 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-09-25 07:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {49E09468-55F4-46BE-A4EB-96929BCCCE5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {5A242E98-D91D-48C4-ACF5-245D8FA5E879} - System32\Tasks\Opera scheduled Autoupdate 1414591907 => E:\Programme\launcher.exe [2015-09-11] (Opera Software)
Task: {C631B07E-2EAE-4416-AEA0-8176F6DB5E63} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {FCA4F240-2A6C-4CCD-9C49-9E91D3711BDA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-19] (Piriform Ltd)
Task: {FEC32660-94CA-4022-9E27-EE51388CAB1D} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-10-27 22:03 - 2012-11-22 19:57 - 00057448 _____ () C:\Windows\system32\PrxerNsp.dll
2014-10-27 18:11 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Lexware\AAVUpdateManager\aavus.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-13 10:43 - 2015-09-13 10:43 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-08-10 17:10 - 2014-08-10 17:10 - 00076032 _____ () E:\Programme\bin\TortoiseStub.dll
2014-08-10 17:10 - 2014-08-10 17:10 - 00088832 _____ () E:\Programme\bin\libsasl.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 20:23 - 2015-03-12 20:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-13 23:05 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-25 19:57 - 2015-09-28 08:18 - 00619840 _____ () C:\Users\nunuc\AppData\Local\Temp\0KrakenDevProps.dll
2015-09-05 03:42 - 2015-09-05 03:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00065792 _____ () E:\Programme\bin\TortoiseStub32.dll
2014-08-10 16:40 - 2014-08-10 16:40 - 00071936 _____ () E:\Programme\bin\libsasl32.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:41ADDB8A
AlternateDataStreams: C:\ProgramData\TEMP:A064CECC
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2403208828-1726898586-2912756724-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\nunuc\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: AgentMonitor => E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: icq => C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => E:\Programme\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => E:\Programme\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: SDTray => "E:\Programme\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "G:\Program Files (x86)\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: wmagent.exe => "C:\Program Files (x86)\WebMoney Agent\wmagent.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{469700EB-FCEA-44E8-B1D9-DB7333A6E809}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{10AA2F31-200F-4EA5-B1C1-4FCB9EC2FED0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{501A6E02-1E9D-4F62-942A-3D52A511F1DB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{4192EB03-6510-4B8F-9FAA-BA8B39CDC8EB}] => (Allow) C:\Users\nunuc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{E2C7E35D-DC95-4D68-B109-88C7B6C593C4}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{68E14B5F-880D-4659-8557-0E3C434679BF}] => (Allow) G:\GAMES\Steam.exe
FirewallRules: [{62E50759-7BA4-4C37-92CD-93F5D083F12C}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{F4D852E5-FE40-4C27-84F4-DB8C881AF883}] => (Allow) G:\GAMES\bin\steamwebhelper.exe
FirewallRules: [{B622E890-FBB4-44B2-8B18-A83C28192185}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3EAA1700-C6A5-44DD-B265-217C484524C6}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BD1BAFE4-5001-44C7-848B-161408CFAF81}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{6E9803AE-8FCB-4C55-A998-BB7772B57283}] => (Allow) G:\GAMES\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31337C8C-D50E-4697-9A43-E30DCE285F96}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{12FED024-5C4D-410F-9310-BAEA071A0D3F}] => (Allow) G:\GAMES\Battle.net\Battle.net.exe
FirewallRules: [{DD8C143B-1CE8-4E7E-B8AE-A22BDA624EE5}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{185DFF5D-23AA-4020-BC79-EA17E368626E}] => (Allow) G:\GAMES\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{DE9A4150-5946-4311-8439-1E5D8F7CF345}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{EFA3DA4E-F03F-4561-A9B9-7A227816C949}] => (Allow) G:\GAMES\SteamApps\common\APB Reloaded\Launcher\APBLauncher.exe
FirewallRules: [{04D43B8C-44D1-464F-B870-3D0DB1A648A2}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{EF5F55C3-5B24-4184-90E5-8F53BB431912}] => (Allow) G:\GAMES\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{C87127B8-902C-439B-B264-39B923CBE670}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{85DD0183-DEF4-401C-B315-6FBC5434B39C}] => (Allow) G:\GAMES\SteamApps\common\Nether\Launcher\Launcher.exe
FirewallRules: [{3F70B08C-CDAF-4387-AFDD-8D24B1ACA58E}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{B4AC20C3-4EFB-4490-8FDA-FA71963ABAC0}] => (Allow) G:\GAMES\SteamApps\common\Aerena\game.exe
FirewallRules: [{5048DA5F-61E1-420C-BCC3-F4D0F1933C40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4FACEF2F-CF36-4B40-ACCE-DD666D73DF40}] => (Allow) E:\STEAM GAMES\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{86046C36-8AD2-4573-A274-A9CA72023006}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{448D9C83-3BB0-4FC0-94E5-C244361F92AF}] => (Allow) G:\GAMES\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{FD9073B4-E3B6-4807-8684-0733F0BA42BE}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{099AECC8-EDEA-44EA-B7A8-506B7E2D257C}] => (Allow) G:\GAMES\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6D7824D7-CBAA-4224-93B7-55C1FCF32218}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{7C4BD3CA-02B8-4564-AF04-058D523239E9}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{C5804147-9758-46B3-A8A5-69A493BB2F97}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{C44FB3C9-C931-4DE5-B01C-15EE7FC189DA}] => (Allow) G:\GAMES\SteamApps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [TCP Query User{3C1B3A5B-E282-44F1-9615-6BFAB3B5B287}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{FB1B26A3-415C-4612-B04E-9781B9C328C5}G:\gamez!\hearthstone\hearthstone.exe] => (Allow) G:\gamez!\hearthstone\hearthstone.exe
FirewallRules: [{3729900A-3D45-4146-B67E-73A33C27D8CB}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{5D4012D4-8B5B-428C-B505-B4C53FBA6E20}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{99E5633F-F4CE-48D3-A7E4-77E56B271707}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{31B50993-FEBE-45B0-9AEF-E5551C5B3FBA}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{DFC0A3C3-5436-4905-8C7E-5ABF0AB4E38C}] => (Allow) E:\Programme\Phone\Skype.exe
FirewallRules: [{236860E2-B4CE-41FD-8167-038B843C7DDF}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{D31C17B0-6E9E-4DA8-880E-25EFE65FB608}] => (Allow) G:\GAMES\SteamApps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{0081B00B-1285-4799-B469-B088996257A1}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{C5E57D91-BD20-4B0C-B402-57A90BB80BB4}] => (Allow) G:\GAMES\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{E0EDF197-51E0-427B-92FD-A83AE0A87F4A}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [{CF2A2B0C-A131-40A8-9418-29FBBA9038C2}] => (Allow) G:\GAMES\SteamApps\common\SanctumTD\SuperSanctumTD.exe
FirewallRules: [TCP Query User{B0706FC5-0E50-4D24-BE15-24DD06831EC9}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [UDP Query User{A3C2A3FD-9771-4BFA-AF48-E3BA77B4A7AF}E:\wot\wotlauncher.exe] => (Allow) E:\wot\wotlauncher.exe
FirewallRules: [TCP Query User{86FDB30A-04CE-4388-8346-DAAA17C4BD9B}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [UDP Query User{01E88954-3C24-4618-96A0-A209F64886F1}E:\wot\worldoftanks.exe] => (Allow) E:\wot\worldoftanks.exe
FirewallRules: [{BFF5E78F-F8C7-4A97-B545-9754DE0C58AA}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{E4E7C9E0-B0B3-4FDE-9FDA-E6D10CF3EB6B}] => (Allow) G:\GAMES\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{CBE38E34-942E-48E4-B382-9FF77C584AB6}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{D623077D-8B43-4519-A6BC-897B69DB4AF1}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{726E3F0A-FC8A-4E9B-8C5E-1BC03FFBCCFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{BA3B3D39-F638-4ACD-90BF-A85C56C522E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{40D8898A-DDF7-4927-AAA0-CBF5661D27AB}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{DB1C8B5B-F6E6-4A5E-8990-A205B9B07FC0}] => (Allow) G:\GAMES\SteamApps\common\ShufflepuckCantinaDeluxe\ShufflepuckCantinaDeluxe.exe
FirewallRules: [{EE32CE94-DAD5-47CA-A933-9FE4C82263E3}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{4DDFACB8-40D9-4B03-9CD4-D03987C03D9C}] => (Allow) E:\Origin Spiele\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{1C0489F7-6479-4BD2-B1F0-508601751686}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AFDAF23F-5253-4FA5-8C5A-46BD2ECC3644}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4116DFE5-7D19-41FC-BAE9-334351D6C174}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BB218CF7-D117-4566-9642-D162E0EC3B74}] => (Allow) E:\STEAM GAMES\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1C18E3B0-AA2D-4D6C-9139-C25B504482ED}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{3B26F86F-E1CA-46FA-8B3E-75851534FDE6}] => (Allow) E:\STEAM GAMES\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{9E597A75-C5FB-4FE7-89C1-436DEE332994}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{A28D56C4-0F9F-46E1-8069-F80C78C1D861}E:\steam games\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam games\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4D4E7B1A-FD22-4029-8794-A8C92ECF82D1}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{E9D376D3-0C70-4032-B6F9-4CC4ABD76054}] => (Allow) E:\Origin Spiele\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{0594F98F-BE7C-4D70-8D4C-C33D7CD8F6CF}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{E22AE42D-C595-44A2-BD20-FFECA2FD516D}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{EF88F882-A007-42AE-9E89-8916B47EFCFA}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{0FE39CF8-3598-4461-8AC6-4BB8FFDDB862}] => (Allow) G:\GAMES\SteamApps\common\IL 2 Sturmovik 1946\il2fb.exe
FirewallRules: [{55549C5A-E7EC-4221-8986-C617B9CA510C}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{3E1444A2-3E2A-4DCB-BB89-3EEABF53C965}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AA6EF5D8-7B49-4908-A7BD-C403DFCA36B6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C8E8815-0343-4BB0-95E4-EB340E7F0FC1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E384EDE4-2B23-405D-976F-266E0843D52E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E6A08E7F-B1A7-41D5-915E-5F983B71A505}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C33555EF-2C96-4AFD-81AE-0C7E0B7273AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{F9A2CB34-BB2B-45A2-869B-04393EE9655C}] => (Allow) E:\STEAM GAMES\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{BDD53416-092C-45D4-B3D0-C046FB284E9C}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{896C8CDE-A2EB-43A0-A7E8-FE2F5B022A5F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe
FirewallRules: [{36698429-04AB-43D1-9ABB-B846E6C72413}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{07450FE0-A06F-454F-8E72-34BFCC729B60}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jasp.exe
FirewallRules: [{64E8CBF2-3B5D-44A8-B811-18603DF94678}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{97267A96-EB36-4C93-9655-17C9BFB8565D}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Academy\GameData\jamp.exe
FirewallRules: [{DC197DF6-94BB-461D-8DA2-87176184EB1E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{D0734B75-D0B1-47DB-AC83-F642C4D8B6E2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2sp.exe
FirewallRules: [{8A926EB7-B9FF-4941-86CD-5E93F7CDAD73}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{6CE51235-3C2A-471C-B32C-AE201A66A1C8}] => (Allow) E:\STEAM GAMES\SteamApps\common\Jedi Outcast\GameData\jk2mp.exe
FirewallRules: [{68F5F57D-6FA1-4D51-8271-97B995AFEC39}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{FF30B938-FDD2-468F-A702-A6B0EE1AF253}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{82177C2F-BE3C-40B0-92E7-171FF6CB2719}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{D8560D93-28AB-43F5-96A0-41950511A3DF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Starfighter\Starfighter.exe
FirewallRules: [{E9A703F9-C97B-4F06-858C-3C27FCDB528F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{17E78BEA-A303-41DF-A542-A16AEC94705E}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{EC34A1A5-5E2A-4568-8987-75E2B9199969}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{AE0E5C3C-2957-413D-9AD8-A9D02DD57C56}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{51197A25-6D2D-4DA3-BAA8-B3FD460D6C15}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{73F0ACC2-F475-4893-87F6-D724E25F86E4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed\SWTFU Launcher.exe
FirewallRules: [{CE19E947-1140-494E-AADD-ED03EFFF5068}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{7371034F-C0B3-4631-BBE1-CEC88BA70DBB}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme.exe
FirewallRules: [{3B0A9B1D-8C21-4931-937A-4B57D8FAA069}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{692AFE0B-9306-46D7-9ADA-F0C4388CDD2A}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars Empire at War\runme2.exe
FirewallRules: [{9D7B0ED1-4D82-4EB1-B455-BC5E0E9C81B7}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C3D63568-322B-4791-8E91-E4CEF2897C8F}] => (Allow) E:\STEAM GAMES\SteamApps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{DBE8E815-5978-4F38-93BF-BCCAEF04AB47}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{012DF085-8B77-4569-90A7-246FAFA02227}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [TCP Query User{90F67090-8FB3-49EF-B508-8DE1388AF080}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [UDP Query User{3F4209B8-277E-479F-9C36-693D597450FC}E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe] => (Allow) E:\steam games\steamapps\common\star wars empire at war\gamedata\sweaw.exe
FirewallRules: [{BB656002-1732-41D6-9E1A-A229B586C015}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{577A6465-B43E-4563-AC75-7D02C005CEF9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Rust\Rust.exe
FirewallRules: [{42B33F5E-9100-4AC7-9E75-3F5A4C138193}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{CA065EF0-8C86-4105-B913-5ECFF06EC9A1}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{FA2915A2-D7CE-4894-B98E-FCDCF2E711B9}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{EAE8A57F-277E-4704-AB65-D214F3DAADDC}] => (Allow) G:\GAMES\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{C75A35E5-937E-4A21-A1C0-141259B95C60}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{06579E57-FA2D-48EA-A8E2-A5A08EB8C7C9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D611ED8C-884D-44AF-843A-E581F6788740}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{60226BF8-89EB-4277-9A29-AA928CE0E752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{9AF028BA-C5A6-4A7E-90C8-714AF431B3F9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{D88D3576-1D00-44AB-A66C-C5D22EF1C4AF}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DyingLightGame.exe
FirewallRules: [{9757EAC9-7321-4C5C-A84D-E2F17FD15885}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{DABAA092-316D-4B1B-A4C5-55BD008EDDFE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Unreal Tournament 3\Binaries\UT3.exe
FirewallRules: [{94D54AC0-7B3E-4C7C-B2E4-E7C463752983}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{9EC25746-EE9F-4AB1-95C9-49D9C72A30C3}] => (Allow) G:\GAMES\WarThunder\launcher.exe
FirewallRules: [{671A3C3F-7F88-47F6-B5AE-62EAEEBD3C41}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{9252C5E1-D9E3-40D2-BB56-D94DF24E46F1}] => (Allow) G:\GAMES\WarThunder\bpreport.exe
FirewallRules: [{8B302CD0-2267-41B2-8D40-7E2CAADFF9BE}] => (Allow) LPort=80
FirewallRules: [{B826BDB5-F573-4D7D-B662-34F0308B73BB}] => (Allow) LPort=443
FirewallRules: [{B3484C71-E574-4EB8-90E6-7292D080C939}] => (Allow) LPort=20010
FirewallRules: [{23A0AF88-1EC2-4E93-97C6-92EDC734275A}] => (Allow) LPort=3478
FirewallRules: [{4652B566-36C4-4AD5-82DE-7F596C40FF14}] => (Allow) LPort=7850
FirewallRules: [{6A5C3FD7-03D4-46C0-8989-E4C87660F0FA}] => (Allow) LPort=7852
FirewallRules: [{41CD6180-FEE9-49B1-AAAC-F4B938C873F3}] => (Allow) LPort=7853
FirewallRules: [{794CC770-6A8E-4102-B9F6-90760CA5E53A}] => (Allow) LPort=27022
FirewallRules: [{E287722C-0D49-40DB-BFC1-EB9783A66223}] => (Allow) LPort=6881
FirewallRules: [{F7AF9C60-9CD4-4637-94CB-0A7709E979DA}] => (Allow) LPort=33333
FirewallRules: [{5F04EC02-5D23-4638-A914-F5776765DB9D}] => (Allow) LPort=20443
FirewallRules: [{0985DE53-D57C-46CC-85D2-DC62C4387672}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{5C8A1F4A-3B16-4DF7-8058-BECFA1B8789A}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [UDP Query User{F657CF06-8F1F-4A3E-A757-08EED07A913E}G:\games\warthunder\aces.exe] => (Allow) G:\games\warthunder\aces.exe
FirewallRules: [{D63FA105-6B66-4A39-92C7-DDF6CA5C4024}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{5015243C-07BF-4F58-8F7B-6D5D0C470883}] => (Allow) E:\Origin Spiele\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{7D8AE61B-9F3C-41AA-8CEF-8FFF97F43953}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{50F7FCDC-56F9-4E3A-8810-4C0124A7BBB3}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{6573FBC3-B55C-42BB-B243-7814F9E84BD4}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{D577D25C-DFDD-443E-8946-897B07FA8FD0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds.exe
FirewallRules: [{EF69610D-0D26-4023-95DC-62F55972F236}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{2D8CC5D5-7A5B-4145-A18E-3CD90129D4D0}] => (Allow) E:\STEAM GAMES\SteamApps\common\Two Worlds - Epic Edition\TwoWorlds_RADEON.exe
FirewallRules: [{21D82907-A142-4C43-B993-E70E02C98FA1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{45E26189-877F-41D4-AC1D-0DE1C3134D21}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\KM_TPR.exe
FirewallRules: [{44696DB8-6BBA-4B24-9DBC-B6BB470AD8C1}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{E57BE1D3-F7DA-4AC1-AC1B-DA8A429A4B46}] => (Allow) E:\STEAM GAMES\SteamApps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
FirewallRules: [{336957FF-6409-4840-8057-1BF1FFE7B4EE}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{E0508657-9279-460D-B382-38E12AF3A6A2}] => (Allow) E:\STEAM GAMES\SteamApps\common\Enclave\Enclave.exe
FirewallRules: [{9A5A84A8-2C6C-43DD-B475-E0201CA1F933}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{3031C719-BFA5-42E9-B3BB-C7B465F2DE6A}] => (Allow) E:\STEAM GAMES\SteamApps\common\KnightShift\KnightShift.exe
FirewallRules: [{DBFAAA8A-047C-4416-A6CE-8DFE70693967}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{B28332D7-48EC-47C8-B3A1-BDA7F494D938}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{019B55D5-A6E2-4096-87B7-B64E3FF304D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D67ADC62-A9C1-4F0D-BF87-65E728125074}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{477D1E92-9304-463B-ACA2-1AC1EEAC65F8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C450097-D3D7-4C8C-9118-6A4E1C66F00D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3524F0D0-B446-4458-966E-7DEED183B179}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{1ECA58DF-2322-4005-812A-ADDD221A9C5F}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{5CC91905-E503-4A2D-9F7C-63B254AF22C6}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{317C46C1-019F-4752-94E7-90EDF8C5FFD2}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{851073F2-981E-490F-B2C1-2A72DC0754A9}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{9C21D684-A7DC-482A-8223-E49E86C7E121}] => (Allow) E:\STEAM GAMES\SteamApps\common\Dying Light\DevTools\DyingLightPlayer.exe
FirewallRules: [{5E392CA8-6353-4918-9AA8-1BFDB35CBA31}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{87F282A9-6898-461C-A54B-568C6685257C}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{44B70246-4A5D-4EDE-871E-11D57BB5CD1B}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{187D8768-D99B-4679-A1FC-9622286D01D9}] => (Allow) G:\GAMES\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{8E53FC88-DE40-4360-A660-7FFEED247DDA}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [UDP Query User{D9A63C25-F253-48B6-8B84-C4ED443ED50D}J:\gta 5\gta5.exe] => (Allow) J:\gta 5\gta5.exe
FirewallRules: [{1C8DD052-70FA-4C53-8E7B-3085A98CC7D8}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{68862417-BE3E-4238-A064-1CBD6B64BD5C}] => (Allow) G:\GAMES\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [TCP Query User{8810F88E-EA63-454B-9AB5-850C5F5BA353}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{FCC6148C-0F8F-4704-9248-599C56274212}C:\users\nunuc\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A21260B1-2366-4C48-9BD7-73F60185429F}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5980A259-2D0B-4464-A62B-EDFB8BCD8E1A}] => (Block) C:\users\nunuc\appdata\local\akamai\netsession_win.exe
FirewallRules: [{3F05D33F-1CB2-4A2B-BF44-2D6A54CE58D8}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{40357622-4CDA-4982-85A9-0924B7036C72}] => (Allow) C:\Users\nunuc\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{AD770DCA-CA6B-44E2-8347-5EF11394E93A}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{2B7F8145-91DC-49AA-BFE6-7CD894B9C053}] => (Allow) E:\Origin Spiele\Titanfall\Titanfall.exe
FirewallRules: [{3AE09DEC-5873-4FA7-9E55-819D8773AD00}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{678EE611-8A3C-4716-8608-365FF638CB98}] => (Allow) J:\Spiele\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{49AD51AE-47CC-4FCA-AEF0-E4980BBB02AD}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{07600EED-618F-405B-83A2-401EC86B0258}] => (Allow) G:\GAMES\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{71AC4F25-4025-4CD2-B675-0BB5A669340A}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{BAA4A271-5CEF-4DF1-88AB-84554F889480}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{12883DBB-A986-4E61-BCD9-904460E2EDBC}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{7BB7171E-275C-4A16-AD32-251F95766752}] => (Allow) E:\STEAM GAMES\SteamApps\common\TOXIKK\Binaries\Win32\TOXIKK.exe
FirewallRules: [{84CEF928-C8CA-4FE9-81AC-F030092BE4F3}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{A959B973-1616-4821-8648-6648F9B9C88D}] => (Allow) J:\GTA 5\GTA5.exe
FirewallRules: [{153234FE-55FF-4B21-B15A-1060C895832F}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{5421331D-8009-49D5-BF36-B162F42F012C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MagNets\MagNets.exe
FirewallRules: [{38731E9A-1B8E-4ABC-9704-E5228045151D}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{4B9F2722-ED70-42E5-94D7-38A3134BBCEB}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{8353B975-45EE-4A25-A62A-4A1D7BF8171F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BE350B53-3B1B-4F7F-81EF-6404815BD5FE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{41D16874-03E3-4F8F-B782-48359C851559}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6816F2C2-16CE-4941-9AED-D3AA4A48FC43}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BC950947-88A0-4867-9A28-5CD6E73895F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{240F29D4-4633-472C-9106-8EDCE0F19CDE}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{665D62D4-6BAA-4A2B-8060-494074669DC8}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{3F3EB211-F12D-4273-8908-A1C217FD9C0C}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{58603FFA-13C9-4C94-AB40-4C3A8057431E}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MK10.exe
FirewallRules: [{B1E5FFDA-F30A-4EFE-A49F-5898D7F59FE5}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{E76A9D1A-2B08-4146-8E8B-479F49FE12BF}] => (Allow) E:\STEAM GAMES\SteamApps\common\MK10\Binaries\Retail\MKXLauncher.exe
FirewallRules: [{318690D5-33ED-4041-BB60-8F57E2EDB6B2}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{DCD0139A-F67A-431C-A988-C4FE9378D7EB}] => (Allow) E:\Origin Spiele\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{400DBCF0-4097-44ED-A4E9-D33CE848C4FC}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{0B44C3D0-DF47-41CA-8437-6094FD4E26B5}] => (Allow) E:\Origin Spiele\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [TCP Query User{D132AC5F-8263-4633-8357-FD85E49CBD8D}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [UDP Query User{F6D5BE04-57CD-4E78-BDF6-FF054CBD3520}G:\gamez!\wos\wowslauncher.exe] => (Allow) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A9F9D9DF-ECB3-439C-968F-A24B1DDADCCF}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{7C72DC4E-4D1A-4CB6-AAA3-5F2E65F25D33}] => (Block) G:\gamez!\wos\wowslauncher.exe
FirewallRules: [{A288564D-2987-496C-BF68-A2F57263E8F1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{320DEA70-B918-4645-B3F1-9BB528F5733A}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{AE70FC3C-8C1D-489B-A052-5F37DD3C77DB}] => (Allow) E:\Programme\VTech\DownloadManager\System\AgentMonitor.exe
FirewallRules: [{EB1717CF-76F7-42D0-9DC7-120E9A03A28D}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{D499C005-B9ED-4292-A84B-CCB611A7DF8E}] => (Allow) E:\STEAM GAMES\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{157F83A7-AA37-4213-B1E2-55DDD7FC8E01}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{2794423D-4DE3-48E1-A336-0751C3A70EE8}] => (Allow) G:\GAMES\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [TCP Query User{6713182E-3829-493F-911B-430C9142A079}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [UDP Query User{93C4FB1B-388D-444A-9F7E-65E58FAF563C}G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe] => (Allow) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{02804247-6D60-4DD4-9245-40E93EADD60F}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{E4E45934-4172-4B3E-887E-0423F9262259}] => (Block) G:\games\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe
FirewallRules: [{C8BBE54A-C10F-4259-AA49-890DC535062F}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{F3E7E183-8A7B-4B62-A669-EE9677F12E05}] => (Allow) E:\Origin Spiele\SimCity\SimCity\SimCity.exe
FirewallRules: [{B032E1F6-9C50-4FC1-860C-F8052A44ADFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0038F24F-6388-4720-AEF3-E9EE6FB8D455}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{73BEBA49-DB73-477A-B0D5-CA0F27364DDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A2A7DB1D-D762-465F-9FDC-76CD74628DBC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3DD750CF-8954-4130-BE61-5F59B0945CAB}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1C84F5A1-FF5A-4693-9BAA-D282AEC77CE1}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{1E9C6C22-526E-4051-AC1A-09C3294D46B4}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{94085C37-76C4-48D8-8BEB-33CD07094E33}] => (Allow) E:\Origin Spiele\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{A4357C21-47A6-435A-9B2D-EDF91DA34842}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{A6D98CFE-B9EC-45D3-9D6B-09E2E91788F2}E:\origin spiele\battlefield 4\bf4.exe] => (Allow) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{28E135A7-BF31-420A-BE30-A3BDC7CCD8BC}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{8A5146BD-4430-459C-B54B-B50BDE4B72E5}] => (Block) E:\origin spiele\battlefield 4\bf4.exe
FirewallRules: [{5EFD41A9-6CA9-412C-9F8E-2B655E362D97}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\RpcAgentSrv.exe
FirewallRules: [{D270705D-94A4-4019-A5C5-3C5E5DD92753}] => (Allow) E:\Programme\SiSoftware Sandra Lite 2015.SP2b\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{33B89147-AF5A-44BF-86E1-5E04CD8B642E}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{1FE4459A-19C4-4639-9510-EBF7E590EF08}] => (Allow) G:\GAMES\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{D58D67FD-46AF-477D-BA2C-4BE69A3DD8A8}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0FCBC00F-3737-4C1F-8BDA-2DECA6F7FCB2}] => (Allow) G:\GAMES\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{0BCE6888-FB4E-4A52-B377-C4750B8EB6A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{B8BBA82C-C8C0-4D82-B0B5-93090AE1D7A3}] => (Allow) E:\Origin Spiele\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{8F904627-E678-43B5-84D5-303E3738AF54}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{C7331155-86D3-4EF0-B339-F480A21D5C67}] => (Allow) E:\Origin Spiele\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [TCP Query User{A75ABEFA-A860-424A-9363-B7FEA54E1087}E:\origin spiele\fifa 16\fifa16.exe] => (Allow) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{5503557A-507B-4C15-B570-00B712765B87}E:\origin spiele\fifa 16\fifa16.exe] => (Allow) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [{1704052B-C309-48DA-9CC1-2A029D3333A8}] => (Block) E:\origin spiele\fifa 16\fifa16.exe
FirewallRules: [{6CB02185-D6AC-48A9-BF2C-58EE81438227}] => (Block) E:\origin spiele\fifa 16\fifa16.exe
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [E:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/28/2015 12:05:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:50:53 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (09/28/2015 08:28:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:25:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:25:50 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:25:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:25:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:24:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/28/2015 08:23:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname nunuc-PC.local already in use; will try nunuc-PC-2.local instead
Error: (09/28/2015 08:23:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 nunuc-PC.local. Addr 192.168.2.112
Systemfehler:
=============
Error: (09/28/2015 12:10:09 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "NUNUC-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.112
registriert werden. Der Computer mit IP-Adresse 192.168.2.100 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (09/28/2015 12:05:32 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "NUNUC-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.112
registriert werden. Der Computer mit IP-Adresse 192.168.2.100 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (09/28/2015 08:29:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/28/2015 08:29:06 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/28/2015 08:29:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/28/2015 08:29:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/28/2015 08:29:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/28/2015 08:29:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/28/2015 08:26:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/28/2015 08:26:50 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\nunuc\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
CodeIntegrity:
===================================
Date: 2015-09-25 07:56:23.570
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-09-25 07:56:23.537
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:54.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:54.658
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.800
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:06:21.777
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.374
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:04:01.349
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.583
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-25 10:02:55.558
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\nunuc\AppData\Local\Temp\pavu99sh3g" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 12279.11 MB
Verfügbarer physikalischer RAM: 7869.79 MB
Summe virtueller Speicher: 24556.43 MB
Verfügbarer virtueller Speicher: 20553.37 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:26.24 GB) NTFS
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: () (Fixed) (Total:488.28 GB) (Free:45.23 GB) NTFS
Drive f: () (Fixed) (Total:244.14 GB) (Free:244.04 GB) NTFS
Drive g: () (Fixed) (Total:518.26 GB) (Free:31.9 GB) NTFS
Drive i: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive j: (32 Bit Windows) (Fixed) (Total:146.48 GB) (Free:146.35 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E1D5A341)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 11E3F74A)
Partition 1: (Not Active) - (Size=878.9 GB) - (Type=42)
Partition 2: (Active) - (Size=100 MB) - (Type=42)
Partition 3: (Not Active) - (Size=518.3 GB) - (Type=42)
==================== Ende von Addition.txt ============================
|
|
29.09.2015, 12:07
| #10 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhalten Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S3 CFCOGJUTSSHKETKV; \??\C:\Windows\TEMP\CFCOGJUTSSHKETKV [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TIYIXIYEHUDMXJJ; \??\C:\Windows\TEMP\TIYIXIYEHUDMXJJ [X]
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.09.2015, 15:25
| #11 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Ich habe im Telekom Konto täglich reingesehen und inzwischen ist der Anzeigename verändert und meine Antwortadresse auch wieder. Muss gestern gegen Abend oder heute sehr früh passiert sein. Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von nunuc (2015-09-29 16:19:12) Run:1
Gestartet von C:\Users\nunuc\Desktop
Geladene Profile: nunuc (Verfügbare Profile: nunuc)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
S3 CFCOGJUTSSHKETKV; \??\C:\Windows\TEMP\CFCOGJUTSSHKETKV [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 TIYIXIYEHUDMXJJ; \??\C:\Windows\TEMP\TIYIXIYEHUDMXJJ [X]
Emptytemp:
*****************
CFCOGJUTSSHKETKV => Dienst erfolgreich entfernt
EagleX64 => Dienst erfolgreich entfernt
TIYIXIYEHUDMXJJ => Dienst erfolgreich entfernt
EmptyTemp: => 509.7 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 16:19:33 ====
|
|
30.09.2015, 14:21
| #12 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhalten welche Antwortadresse meinst Du?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.09.2015, 14:55
| #13 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Moin, Peter M. - n****k@t-online.de - (Richtig) Natalie love - n****k@t-online.de - (verändert) Also der Name wird falsch angezeigt aber meine Mailadresse genutzt. Absendername - Mein Name (ändert sich in Natalie love etc.) Antwortadresse - Meine Mail Adresse (ändert sich in natalielove@ya***.de z.B.) Weiß nicht wie ich es anders erklären soll ;( Das wird mir im Kundencenter der Telekom angezeigt. Habe heute einen Anruf vom Abuse Team der Telekom erhalten die leicht verärgert waren wie denn sowas passieren kann und mir wurde erklärt das mein Rechner mit Viren befallen ist und ich doch am besten alles formatiere... Ich habe kurz nachgefragt ob es möglich ist vom Router aus meine Daten zu ändern und Spam zu versenden, dass wurde "vernuschelt" danach wurde mir ein neues Zugangspasswort zugesendet per SMS welches ich daraufhin im Router geändert habe von einem frischen Laptop aus. Das ich "Probleme" auf meinem PC habe/hatte ist mir bewusst durch dieses Forum und der guten Hilfe aber mich so zu behandeln ist nicht wirklich in Ordnung., was solls zuviel Off Topic |
|
01.10.2015, 16:18
| #14 |
| /// the machine /// TB-Ausbilder | Telekom Mail versendet Spam - Delivery Status Notification erhalten Poste mal bitte frische FRST logs von diesem Rechner.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.10.2015, 06:51
| #15 |
| | Telekom Mail versendet Spam - Delivery Status Notification erhalten Das wird ein paar Tage verzögert erst machbar sein, bekomme den Rechner nicht mehr zum starten seit gestern Abend. Es sieht nach dem Netzteil aus, der Lüfter läuft nicht mehr an. Leihe mir heute ein NT und bestelle dann ggf. ein neues. |
|
| Themen zu Telekom Mail versendet Spam - Delivery Status Notification erhalten |
| akamai, antivirus, avira, bluestacks, bonjour, cpu, dnsapi.dll, euro, failed, firefox, flash player, hotspot, installation, kaspersky, mozilla, popup, prozesse, realtek, registry, rundll, scan, server, software, spam, svchost.exe, system, virus, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
