Pests of all kinds and how to fight them: Virus name: "searchinterneat-a.akamaihd". Opens browser windows on its own (Windows 7)
02.11.2015, 19:11 | #1 |
Good evening, Trojaner-Board community.

I have caught a pest that seems to be known on the net under the name "searchinterneat-a.akamaihd". I have read through several guides on the net and also used the search function here. But I have not installed any program that looks dubious and that I could now uninstall. In addition, I have deleted all Chrome extensions and created a new user. Avira and Malwarebytes could not track the rascal down either.

The virus shows itself as follows: EVERY time I open a new tab, a Yahoo start page comes up. Often it also appears when I enter, for example, Google or other websites. When I enter a search term in Google, I am simply redirected to this Yahoo site.

The Malwarebytes log follows:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.11.2015
Suchlaufzeit: 18:17
Protokolldatei: malware bytes.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.02.04
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Tower

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381664
Abgelaufene Zeit: 4 Min., 41 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.Yontoo, C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\extensions\{811c6c06-2e47-4388-b9e3-03f23e3139de}.xpi, , [75c780f99deecb6ba2b1eadf05fe4eb2],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Avira finds nothing at all.

Thanks and regards,
Red
02.11.2015, 19:14 | #2 |
/// TB-Ausbilder

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:

Thank you for your cooperation! For an initial analysis please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file to the desktop.

Please post with your next reply
02.11.2015, 19:33 | #3 |
Thank you very much. I hope I did it right.

FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015 durchgeführt von Tower (Administrator) auf TOWER-PC (02-11-2015 19:19:16) Gestartet von C:\Users\Tower\Downloads Geladene Profile: Tower & (Verfügbare Profile: Tower) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () 
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet 
Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/ HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/ HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA18DB0VXfV9eFElXTwhxJUpNDU0CaUBB FF SelectedSearchEngine: Default FF DefaultSearchEngine: Default FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program 
Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems) FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\user.js [2015-11-01] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert] FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert] Chrome: ======= CHR NewTab: Profile 1 -> "chrome-extension://khjilmcjipkeokomeekfnhkpbnhmgaje/html/newtab.html" CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> Avira CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02] CHR Extension: (Google Docs) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 
1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02] CHR Extension: (Google Drive) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02] CHR Extension: (YouTube) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02] CHR Extension: (Google Search) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Google Sheets) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02] CHR Extension: (Avira Browser Safety) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-02] CHR Extension: (Google Docs Offline) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-02] CHR Extension: (Avira SafeSearch) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02] CHR Extension: (Gmail) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) 
======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.) 
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-02 19:19 - 2015-11-02 19:19 - 00026211 _____ C:\Users\Tower\Downloads\FRST.txt 2015-11-02 19:19 - 2015-11-02 19:19 - 00000000 ____D C:\FRST 2015-11-02 19:18 - 2015-11-02 19:19 - 02198016 _____ (Farbar) C:\Users\Tower\Downloads\FRST64.exe 2015-11-02 19:04 - 2015-11-02 19:04 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin 2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt 2015-11-02 15:24 - 2015-11-02 15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira 2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira 2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe 2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk 2015-11-02 14:05 - 2015-11-02 18:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe 2015-11-01 21:33 - 2015-11-02 15:00 - 00000000 ____D C:\ProgramData\Results Hub 2015-11-01 21:33 - 2015-11-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Results Hub 2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt 2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe 2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe 2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso 2015-10-30 13:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-10-30 13:57 - 2015-10-28 00:16 - 18801664 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-30 13:57 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-10-30 13:57 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-10-30 13:57 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-10-30 13:57 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-10-30 13:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-30 13:57 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-10-30 13:57 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-10-30 13:57 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-10-30 13:57 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-10-30 13:57 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-10-30 13:57 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-10-30 13:57 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-10-30 13:57 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-10-30 13:57 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-10-30 13:57 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-10-30 13:57 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-10-30 13:57 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Windows.StateRepository.dll 2015-10-30 13:57 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-10-30 13:57 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-10-30 13:57 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-10-30 13:57 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-10-30 13:57 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-10-30 13:57 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-30 13:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-30 13:57 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-10-30 13:57 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-30 13:57 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-10-30 13:57 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-30 13:57 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-10-30 13:57 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-10-30 13:57 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-10-30 13:57 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx 2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini 2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother 
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\ControlCenter4 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02 2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll 2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll 2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother 2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) 
C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE 2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk 2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp 2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp 2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe 2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe 2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner 2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip 2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\winload.exe 2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-14 15:31 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-10-14 15:31 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2015-10-14 15:31 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-10-14 15:31 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-14 15:31 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-10-14 15:31 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-14 15:31 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-10-14 15:31 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2015-10-14 15:31 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-10-14 15:31 - 
2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED 2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent 2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe 2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment 2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0 2015-10-11 13:24 - 2015-10-11 13:24 - 00001072 _____ C:\Users\Tower\Desktop\DUC (2).lnk 2015-10-11 12:38 - 2015-11-02 18:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi 2015-10-11 12:37 - 2015-10-27 14:33 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2015-10-11 12:37 - 2015-10-11 12:37 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383(1).msi 2015-10-11 12:19 - 2015-10-11 13:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2015-10-11 12:19 - 2015-10-11 12:19 - 00241720 _____ C:\Users\Tower\Downloads\DUCSetup_v4_1_1.exe 2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Users\Tower\AppData\Local\Vitalwerks 2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Program Files (x86)\No-IP 2015-10-11 12:03 - 2015-10-11 12:04 - 00000000 ____D C:\Users\Tower\Downloads\sd 2015-10-10 23:29 - 2015-10-16 11:44 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da 2015-10-10 23:29 - 2015-10-10 23:30 - 00000000 ____D C:\Users\Tower\Downloads\Neuer Ordner 2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn 2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\ProgramData\LogMeIn 2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383.msi 2015-10-10 16:05 - 2015-10-10 16:06 - 
08716288 _____ C:\Users\Tower\Downloads\hamachi220383 (1).msi 2015-10-10 15:38 - 2015-10-10 15:39 - 00000185 _____ C:\Users\Tower\Downloads\eula.txt 2015-10-10 15:38 - 2015-10-10 15:38 - 00000062 _____ C:\Users\Tower\Downloads\server.properties 2015-10-10 15:28 - 2015-10-10 15:38 - 08718628 _____ C:\Users\Tower\Downloads\minecraft_server.1.8.8.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 30984104 _____ (Oracle Corporation) C:\Users\Tower\Downloads\jre-7u60-windows-x64.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-10-10 14:45 - 2015-10-10 14:45 - 00000702 _____ C:\Users\Public\Desktop\Titanfall.lnk 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Sun 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Program Files\Java 2015-10-10 13:38 - 2015-10-11 12:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\.minecraft 2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\java 2015-10-10 13:37 - 2015-10-10 13:37 - 02314240 _____ C:\Users\Tower\Downloads\MinecraftInstaller.msi 2015-10-10 13:37 - 2015-10-10 13:37 - 00000728 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-10-10 13:37 - 2015-10-10 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-10-09 20:14 - 2015-10-09 20:14 - 00000000 ____D C:\Users\Tower\Documents\Rockstar Games 2015-10-09 20:13 - 
2015-10-09 20:13 - 00000000 ____D C:\Program Files\Rockstar Games 2015-10-09 20:12 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\MSBuild 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-10-09 20:11 - 2015-06-17 17:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-10-09 20:11 - 2015-06-17 17:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-09 20:11 - 2015-06-17 17:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-10-09 20:11 - 2015-05-29 20:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-10-09 20:11 - 2015-05-29 20:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-10-09 20:11 - 2015-05-29 20:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-10-08 14:29 - 2015-10-08 14:30 - 00000000 ____D C:\Users\Tower\Documents\STAR WARS Battlefront Beta 2015-10-08 02:51 - 2015-10-08 03:06 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Teeworlds 2015-10-08 02:40 - 2015-10-08 02:41 - 39968152 _____ (Activision ) C:\Users\Tower\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe 2015-10-08 02:40 - 2015-10-08 02:40 - 296330688 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.6-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:41 - 72328877 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:41 - 14544960 _____ (Activision ) 
C:\Users\Tower\Downloads\cod4mw-1.3-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 14532064 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.2-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 11167560 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-1.5mp-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 11149280 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.1-patchsetup.exe 2015-10-08 00:16 - 2015-11-02 18:02 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET 2015-10-08 00:07 - 2015-10-08 00:07 - 00000823 _____ C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk 2015-10-08 00:07 - 2015-10-08 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2015-10-07 23:50 - 2015-10-07 23:50 - 00000000 ____D C:\Users\Tower\AppData\Local\Disc_Soft_Ltd 2015-10-07 23:44 - 2015-03-13 17:52 - 00015159 _____ C:\Users\Tower\Desktop\prophet.nfo 2015-10-07 23:43 - 2015-10-07 23:43 - 00000000 ____D C:\ProgramData\Steam 2015-10-07 21:43 - 2015-10-07 21:44 - 00000000 ____D C:\Users\Tower\AppData\Roaming\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2015-10-07 21:43 - 2015-10-07 21:43 - 00001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller.exe 2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) 
C:\Users\Tower\Downloads\DT101LiteInstaller (1).exe 2015-10-07 20:09 - 2015-10-07 20:24 - 00000000 ____D C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET 2015-10-07 20:08 - 2015-10-07 20:08 - 00044495 _____ C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET-[rarbg.com].torrent 2015-10-07 19:54 - 2015-10-07 19:55 - 00008431 _____ C:\Users\Tower\Downloads\mpdata 2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk 2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk 2015-10-07 19:47 - 2015-10-07 19:47 - 00000331 _____ C:\WINDOWS\game.ini 2015-10-07 19:47 - 2015-10-07 19:47 - 00000175 _____ C:\WINDOWS\DXError.log 2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-10-07 19:46 - 2015-10-07 19:46 - 00000000 ____D C:\Program Files (x86)\Activision 2015-10-07 19:23 - 2015-10-13 15:29 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent 2015-10-07 19:23 - 2015-10-07 19:37 - 00000000 ____D C:\Users\Tower\Downloads\cod torrentti 2015-10-07 19:23 - 2015-10-07 19:23 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen (1).torrent 2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\Desktop\µTorrent.lnk 2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-10-07 19:21 - 2015-10-13 22:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent 2015-10-07 19:21 - 2015-10-07 19:21 - 01822048 _____ (BitTorrent Inc.) 
C:\Users\Tower\Downloads\uTorrent.exe
2015-10-07 19:20 - 2015-10-07 19:20 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen.torrent
2015-10-06 17:55 - 2015-10-08 22:33 - 00002270 _____ C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk
2015-10-03 12:58 - 2015-10-03 13:02 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Daybreak Game Company
2015-10-03 12:58 - 2015-10-03 12:58 - 00000000 ____D C:\Users\Tower\AppData\Local\SCE
2015-10-03 12:58 - 2015-10-03 12:58 - 00000000 ____D C:\Users\Tower\AppData\Local\Daybreak Game Company

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 19:06 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 19:05 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 18:09 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 18:09 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-02 18:09 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-02 18:06 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-02 18:06 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe
2015-11-02 18:06 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-02 18:06 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 18:03 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-02 18:03 - 2015-08-12 11:19 - 00192850 _____ C:\WINDOWS\PFRO.log
2015-11-02 18:03 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 18:03 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 17:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-02 16:47 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0} 2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-01 19:26 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3 2015-11-01 17:17 - 2015-08-24 19:09 - 00011217 _____ C:\WINDOWS\setupact.log 2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive 2015-11-01 16:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-30 15:33 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client 2015-10-30 14:03 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net 2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin 2015-10-25 22:39 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower 2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log 2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games 2015-10-16 11:55 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db 2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 04:10 - 
2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-14 15:45 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-14 15:43 - 2015-08-12 08:21 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-10-10 19:04 - 2015-08-16 14:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2015-10-10 19:04 - 2015-08-16 14:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2015-10-10 14:09 - 2015-08-29 15:08 - 00000000 ____D C:\BF4 2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-10-08 11:50 - 2015-08-12 11:36 - 00000000 ____D C:\Users\Tower\AppData\Local\Steam 2015-10-08 01:32 - 2015-08-12 07:57 - 00000000 ____D C:\Users\Tower\AppData\Local\VirtualStore 2015-10-07 19:57 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\sounds 2015-10-06 20:16 - 2015-09-04 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\OBS 2015-10-06 17:31 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\lib 2015-10-04 20:54 - 2015-08-19 15:40 - 00000000 ____D C:\Users\Tower\AppData\Roaming\CodeBlocks 2015-10-03 20:13 - 2015-08-25 14:15 - 00000000 ____D C:\WINDOWS\AutoKMS 2015-10-03 12:04 - 2015-09-24 10:23 - 00000718 _____ C:\Users\Public\Desktop\FIFA 16.lnk 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning 2015-10-03 10:27 - 
2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll
2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Tower\AppData\Local\Temp\avgnt.exe
C:\Users\Tower\AppData\Local\Temp\bitool.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-1231831953736236263.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-2147131273227054406.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3088701552036717022.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3886152149526835255.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-5515511938404337857.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-7782766279733068079.dll
C:\Users\Tower\AppData\Local\Temp\msvcp90.dll
C:\Users\Tower\AppData\Local\Temp\msvcr90.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI64.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-10-28 17:50

==================== Ende von FRST.txt ============================

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Tower (2015-11-02 19:19:32)
Gestartet von C:\Users\Tower\Downloads
Windows 10 Home (X64) (2015-08-12 10:25:38)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled)
Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled)
Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version: - Larian Studios)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Reloaded Games)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version: - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version: - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Teeworlds (HKLM-x32\...\Steam App 380840) (Version: - Teeworlds Team)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version: - )
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version: - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

14-10-2015 15:43:23 Windows Update
20-10-2015 15:45:51 Windows Update
24-10-2015 02:41:09 DirectX wurde installiert
27-10-2015 14:53:02 Installiert Brother Software Suite

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5318F88C-6368-4F60-8D2B-12C3F2D0F415} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 28860744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll
2015-08-12 11:20 - 2015-11-02 18:03 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-07-28 16:11 - 2015-10-05 17:18 - 00778752 _____ () D:\Programme\Steam\SDL2.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll
2015-07-28 16:11 - 2015-10-14 21:56 - 02423376 _____ () D:\Programme\Steam\video.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll
2015-07-28 16:11 - 2015-10-14 21:56 - 00705104 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2015-07-28 16:11 - 2015-10-09 19:13 - 00193024 _____ () D:\Programme\Steam\bin\openvr_api.dll
2015-07-28 16:11 - 2015-10-08 23:20 - 45010208 _____ () D:\Programme\Steam\bin\libcef.dll
2015-07-28 16:11 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\battlefield.com -> hxxps://www.battlefield.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program 
files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{8B9E0380-799D-4102-A481-C34A283A2584}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{B7631C0D-93B7-44D9-ACA3-5D5F47FEA85E}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files 
(x86)\Winamp\winamp.exe FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe FirewallRules: [{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/02/2015 04:45:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00043612 ID des fehlerhaften Prozesses: 0x17e0 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (11/01/2015 11:43:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2015 11:17:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. 
Error: (11/01/2015 06:09:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18 Name des fehlerhaften Moduls: debug-console-enabler.dll, Version: 0.0.0.0, Zeitstempel: 0x55ced693 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000410f ID des fehlerhaften Prozesses: 0x23c8 Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0 Pfad der fehlerhaften Anwendung: witcher3.exe1 Pfad des fehlerhaften Moduls: witcher3.exe2 Berichtskennung: witcher3.exe3 Vollständiger Name des fehlerhaften Pakets: witcher3.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: witcher3.exe5 Error: (11/01/2015 06:09:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18 Name des fehlerhaften Moduls: debug-console-enabler.dll, Version: 0.0.0.0, Zeitstempel: 0x55ced693 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000410f ID des fehlerhaften Prozesses: 0x23e4 Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0 Pfad der fehlerhaften Anwendung: witcher3.exe1 Pfad des fehlerhaften Moduls: witcher3.exe2 Berichtskennung: witcher3.exe3 Vollständiger Name des fehlerhaften Pakets: witcher3.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: witcher3.exe5 Error: (11/01/2015 05:23:41 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 242c Startzeit: 01d114c1892da7e9 Beendigungszeit: 2 Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe Berichts-ID: e84b88f9-80b4-11e5-829a-1c872c435803 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (11/01/2015 05:22:29 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2768 Startzeit: 01d114c1651ea9c5 Beendigungszeit: 13 Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe Berichts-ID: bdb677ee-80b4-11e5-829a-1c872c435803 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (11/01/2015 05:21:39 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12ec Startzeit: 01d114c153bb6134 Beendigungszeit: 2 Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe Berichts-ID: 9fa6baf1-80b4-11e5-829a-1c872c435803 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (11/01/2015 05:21:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 23c4 Startzeit: 01d114c1411ee2f7 Beendigungszeit: 3 Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe Berichts-ID: 8b5051f7-80b4-11e5-829a-1c872c435803 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (11/01/2015 04:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead Systemfehler: ============= Error: (11/02/2015 06:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost 
(unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (11/02/2015 06:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar CodeIntegrity: =================================== Date: 2015-11-01 21:33:39.326 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-11-01 21:33:39.318 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 18:41:14.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 18:41:14.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 17:24:20.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 17:24:20.924 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 16:37:41.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-10-29 19:26:56.311 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-28 17:50:46.255 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-26 18:56:55.660 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 28% Installierter physikalischer RAM: 16326.53 MB Verfügbarer physikalischer RAM: 11701.77 MB Summe virtueller Speicher: 18758.53 MB Verfügbarer virtueller Speicher: 12654.57 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.1 GB) (Free:49.41 GB) NTFS Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1064.69 GB) NTFS Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
02.11.2015, 19:35 | #4 |
| Code:
19:27:17.0296 0x214c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:27:26.0486 0x214c ============================================================
19:27:26.0486 0x214c Current date / time: 2015/11/02 19:27:26.0486
19:27:26.0486 0x214c SystemInfo:
19:27:26.0486 0x214c
19:27:26.0486 0x214c OS Version: 10.0.10240 ServicePack: 0.0
19:27:26.0486 0x214c Product type: Workstation
19:27:26.0486 0x214c ComputerName: TOWER-PC
19:27:26.0486 0x214c UserName: Tower
19:27:26.0486 0x214c Windows directory: C:\WINDOWS
19:27:26.0486 0x214c System windows directory: C:\WINDOWS
19:27:26.0486 0x214c Running under WOW64
19:27:26.0486 0x214c Processor architecture: Intel x64
19:27:26.0486 0x214c Number of processors: 8
19:27:26.0486 0x214c Page size: 0x1000
19:27:26.0486 0x214c Boot type: Normal boot
19:27:26.0486 0x214c ============================================================
19:27:26.0603 0x214c KLMD registered as C:\WINDOWS\system32\drivers\32704632.sys
19:27:26.0677 0x214c System UUID: {FF421625-5855-4E20-BE13-03D8062D5163}
19:27:26.0893 0x214c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0893 0x214c Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0893 0x214c Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0895 0x214c ============================================================
19:27:26.0895 0x214c \Device\Harddisk0\DR0:
19:27:26.0895 0x214c MBR partitions:
19:27:26.0895 0x214c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:27:26.0895 0x214c \Device\Harddisk1\DR1:
19:27:26.0895 0x214c MBR partitions:
19:27:26.0895 0x214c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
19:27:26.0895 0x214c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1D034800
19:27:26.0895 0x214c \Device\Harddisk2\DR2:
19:27:26.0895 0x214c MBR partitions:
19:27:26.0895 0x214c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:27:26.0895 0x214c ============================================================
19:27:26.0896 0x214c C: <-> \Device\Harddisk1\DR1\Partition2
19:27:26.0902 0x214c D: <-> \Device\Harddisk0\DR0\Partition1
19:27:27.0551 0x214c E: <-> \Device\Harddisk2\DR2\Partition1
19:27:27.0551 0x214c ============================================================
19:27:27.0551 0x214c Initialize success
19:27:27.0551 0x214c ============================================================
19:27:57.0391 0x2310 ============================================================
19:27:57.0391 0x2310 Scan started
19:27:57.0391 0x2310 Mode: Manual; SigCheck; TDLFS;
19:27:57.0391 0x2310 ============================================================
19:27:57.0391 0x2310 KSN ping started
19:27:59.0747 0x2310 KSN ping finished: true
19:28:01.0388 0x2310 ================ Scan system memory ========================
19:28:01.0388 0x2310 System memory - ok
19:28:01.0389 0x2310 ================ Scan services =============================
19:28:02.0381 0x2310 BITS - ok 19:28:02.0391 0x2310 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:28:02.0401 0x2310 Bonjour Service - ok 19:28:02.0404 0x2310 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 19:28:02.0413 0x2310 bowser - ok 19:28:02.0424 0x2310 [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 19:28:02.0440 0x2310 BrokerInfrastructure - ok 19:28:02.0445 0x2310 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll 19:28:02.0453 0x2310 Browser - ok 19:28:02.0459 0x2310 [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 19:28:02.0466 0x2310 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 ) 19:28:04.0806 0x2310 Detect skipped due to KSN trusted 19:28:04.0807 0x2310 BrYNSvc - ok 19:28:04.0820 0x2310 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 19:28:04.0855 0x2310 BthAvrcpTg - ok 19:28:04.0859 0x2310 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 19:28:04.0873 0x2310 BthHFEnum - ok 19:28:04.0878 0x2310 [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 19:28:04.0888 0x2310 bthhfhid - ok 19:28:04.0894 0x2310 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv 
C:\WINDOWS\System32\BthHFSrv.dll 19:28:04.0908 0x2310 BthHFSrv - ok 19:28:04.0911 0x2310 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 19:28:04.0919 0x2310 BTHMODEM - ok 19:28:04.0923 0x2310 [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll 19:28:04.0931 0x2310 bthserv - ok 19:28:04.0933 0x2310 [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 19:28:04.0941 0x2310 buttonconverter - ok 19:28:04.0945 0x2310 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 19:28:04.0954 0x2310 CapImg - ok 19:28:04.0957 0x2310 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 19:28:04.0965 0x2310 cdfs - ok 19:28:04.0969 0x2310 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 19:28:04.0979 0x2310 CDPSvc - ok 19:28:04.0984 0x2310 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 19:28:04.0993 0x2310 cdrom - ok 19:28:04.0998 0x2310 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 19:28:05.0010 0x2310 CertPropSvc - ok 19:28:05.0013 0x2310 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys 19:28:05.0020 0x2310 circlass - ok 19:28:05.0027 0x2310 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, 
A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 19:28:05.0037 0x2310 CLFS - ok 19:28:05.0048 0x2310 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 19:28:05.0064 0x2310 ClipSVC - ok 19:28:05.0070 0x2310 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 19:28:05.0077 0x2310 CmBatt - ok 19:28:05.0087 0x2310 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys 19:28:05.0101 0x2310 CNG - ok 19:28:05.0104 0x2310 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 19:28:05.0110 0x2310 cnghwassist - ok 19:28:05.0118 0x2310 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys 19:28:05.0125 0x2310 CompositeBus - ok 19:28:05.0128 0x2310 COMSysApp - ok 19:28:05.0130 0x2310 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 19:28:05.0137 0x2310 condrv - ok 19:28:05.0149 0x2310 [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 19:28:05.0168 0x2310 CoreMessagingRegistrar - ok 19:28:05.0172 0x2310 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 19:28:05.0181 0x2310 CryptSvc - ok 19:28:05.0184 0x2310 [ F038EAF73AAB72A4A89185A5A7B9FD75, 
8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys 19:28:05.0190 0x2310 dam - ok 19:28:05.0204 0x2310 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:28:05.0230 0x2310 DcomLaunch - ok 19:28:05.0235 0x2310 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 19:28:05.0248 0x2310 DcpSvc - ok 19:28:05.0256 0x2310 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll 19:28:05.0275 0x2310 defragsvc - ok 19:28:05.0283 0x2310 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll 19:28:05.0300 0x2310 DeviceAssociationService - ok 19:28:05.0303 0x2310 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 19:28:05.0315 0x2310 DeviceInstall - ok 19:28:05.0318 0x2310 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 19:28:05.0324 0x2310 DevQueryBroker - ok 19:28:05.0329 0x2310 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 19:28:05.0338 0x2310 Dfsc - ok 19:28:05.0341 0x2310 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 19:28:05.0346 0x2310 dg_ssudbus - ok 19:28:05.0352 0x2310 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 19:28:05.0365 0x2310 Dhcp - ok 
19:28:05.0368 0x2310 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 19:28:05.0375 0x2310 diagnosticshub.standardcollector.service - ok 19:28:05.0399 0x2310 [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 19:28:05.0429 0x2310 DiagTrack - ok 19:28:05.0449 0x2310 [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe 19:28:05.0470 0x2310 Disc Soft Lite Bus Service - ok 19:28:05.0474 0x2310 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys 19:28:05.0481 0x2310 disk - ok 19:28:05.0487 0x2310 [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 19:28:05.0499 0x2310 DmEnrollmentSvc - ok 19:28:05.0502 0x2310 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 19:28:05.0509 0x2310 dmvsc - ok 19:28:05.0513 0x2310 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 19:28:05.0522 0x2310 dmwappushservice - ok 19:28:05.0528 0x2310 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:28:05.0540 0x2310 Dnscache - ok 19:28:05.0546 0x2310 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 
19:28:05.0559 0x2310 dot3svc - ok 19:28:05.0564 0x2310 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll 19:28:05.0573 0x2310 DPS - ok 19:28:05.0575 0x2310 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 19:28:05.0581 0x2310 drmkaud - ok 19:28:05.0586 0x2310 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 19:28:05.0597 0x2310 DsmSvc - ok 19:28:05.0601 0x2310 [ EA354224BAD970CF0F438E6567F26A49, 900F2454F085BC6D2C2149A96452F3375111C601C4464066B6DA1DD7B795021A ] DsSvc C:\WINDOWS\System32\DsSvc.dll 19:28:05.0610 0x2310 DsSvc - ok 19:28:05.0612 0x2310 [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus C:\WINDOWS\System32\drivers\dtlitescsibus.sys 19:28:05.0616 0x2310 dtlitescsibus - ok 19:28:05.0622 0x2310 [ E2CA2BC3B16BDA6E6F80F54C88486877, CBD455286ACA247363BFEDC9745CBFB251FE632101AF6D1128CB2F99AD31238E ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys 19:28:05.0629 0x2310 dtsoftbus01 - ok 19:28:05.0656 0x2310 [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 19:28:05.0691 0x2310 DXGKrnl - ok 19:28:05.0702 0x2310 [ C413D1219AFF3005E1318CC8EA38DB4F, 2DBED36CA9B9BCC443C0D8FD41BAED5FFD38F5531FF9BE5B7A9DAD22087C5707 ] e1iexpress C:\WINDOWS\System32\drivers\e1i63x64.sys 19:28:05.0728 0x2310 e1iexpress - ok 19:28:05.0731 0x2310 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll 19:28:05.0746 0x2310 Eaphost - ok 19:28:05.0790 0x2310 [ 3070013B01EDA42C7EB67D731340C396, 
C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 19:28:05.0847 0x2310 ebdrv - ok 19:28:05.0852 0x2310 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe 19:28:05.0859 0x2310 EFS - ok 19:28:05.0862 0x2310 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 19:28:05.0869 0x2310 EhStorClass - ok 19:28:05.0873 0x2310 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 19:28:05.0880 0x2310 EhStorTcgDrv - ok 19:28:05.0883 0x2310 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 19:28:05.0891 0x2310 embeddedmode - ok 19:28:05.0898 0x2310 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 19:28:05.0909 0x2310 EntAppSvc - ok 19:28:05.0912 0x2310 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 19:28:05.0918 0x2310 ErrDev - ok 19:28:05.0928 0x2310 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll 19:28:05.0944 0x2310 EventSystem - ok 19:28:05.0950 0x2310 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 19:28:05.0963 0x2310 exfat - ok 19:28:05.0969 0x2310 [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 19:28:05.0980 0x2310 
fastfat - ok 19:28:05.0991 0x2310 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax C:\WINDOWS\system32\fxssvc.exe 19:28:06.0010 0x2310 Fax - ok 19:28:06.0013 0x2310 [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys 19:28:06.0021 0x2310 fcvsc - ok 19:28:06.0023 0x2310 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 19:28:06.0030 0x2310 fdc - ok 19:28:06.0033 0x2310 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 19:28:06.0042 0x2310 fdPHost - ok 19:28:06.0046 0x2310 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 19:28:06.0055 0x2310 FDResPub - ok 19:28:06.0059 0x2310 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll 19:28:06.0070 0x2310 fhsvc - ok 19:28:06.0073 0x2310 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 19:28:06.0081 0x2310 FileCrypt - ok 19:28:06.0084 0x2310 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 19:28:06.0090 0x2310 FileInfo - ok 19:28:06.0093 0x2310 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 19:28:06.0102 0x2310 Filetrace - ok 19:28:06.0104 0x2310 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 
19:28:06.0112 0x2310 flpydisk - ok 19:28:06.0118 0x2310 [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:28:06.0129 0x2310 FltMgr - ok 19:28:06.0153 0x2310 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll 19:28:06.0193 0x2310 FontCache - ok 19:28:06.0197 0x2310 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:28:06.0203 0x2310 FontCache3.0.0.0 - ok 19:28:06.0206 0x2310 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 19:28:06.0213 0x2310 FsDepends - ok 19:28:06.0215 0x2310 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:28:06.0221 0x2310 Fs_Rec - ok 19:28:06.0232 0x2310 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 19:28:06.0246 0x2310 fvevol - ok 19:28:06.0250 0x2310 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 19:28:06.0256 0x2310 gagp30kx - ok 19:28:06.0258 0x2310 [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 19:28:06.0265 0x2310 gencounter - ok 19:28:06.0267 0x2310 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 19:28:06.0274 0x2310 genericusbfn - ok 19:28:06.0291 0x2310 [ 
21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 19:28:06.0310 0x2310 GfExperienceService - ok 19:28:06.0315 0x2310 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 19:28:06.0323 0x2310 GPIOClx0101 - ok 19:28:06.0342 0x2310 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 19:28:06.0376 0x2310 gpsvc - ok 19:28:06.0379 0x2310 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 19:28:06.0388 0x2310 GpuEnergyDrv - ok 19:28:06.0392 0x2310 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:28:06.0397 0x2310 gupdate - ok 19:28:06.0400 0x2310 [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:28:06.0405 0x2310 gupdatem - ok 19:28:06.0407 0x2310 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 19:28:06.0414 0x2310 Hamachi - ok 19:28:06.0447 0x2310 [ 467E489AB87260D6035F9F4C8F28D15A, 4079195CA7F91332F63B050E1D66378DC5C796977024B4EF6B2CFD3227F0E49C ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 19:28:06.0482 0x2310 Hamachi2Svc - ok 19:28:06.0487 0x2310 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 19:28:06.0495 0x2310 HDAudBus - ok 19:28:06.0498 0x2310 [ 
D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 19:28:06.0504 0x2310 HidBatt - ok 19:28:06.0508 0x2310 [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 19:28:06.0516 0x2310 HidBth - ok 19:28:06.0519 0x2310 [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 19:28:06.0526 0x2310 hidi2c - ok 19:28:06.0529 0x2310 [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 19:28:06.0535 0x2310 hidinterrupt - ok 19:28:06.0537 0x2310 [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 19:28:06.0545 0x2310 HidIr - ok 19:28:06.0547 0x2310 [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv C:\WINDOWS\system32\hidserv.dll 19:28:06.0555 0x2310 hidserv - ok 19:28:06.0558 0x2310 [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 19:28:06.0565 0x2310 HidUsb - ok 19:28:06.0571 0x2310 [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 19:28:06.0583 0x2310 HomeGroupListener - ok 19:28:06.0591 0x2310 [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 19:28:06.0608 0x2310 HomeGroupProvider - ok 19:28:06.0611 0x2310 [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD 
C:\WINDOWS\system32\drivers\HpSAMD.sys 19:28:06.0617 0x2310 HpSAMD - ok 19:28:06.0632 0x2310 [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 19:28:06.0653 0x2310 HTTP - ok 19:28:06.0657 0x2310 [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 19:28:06.0662 0x2310 hwpolicy - ok 19:28:06.0664 0x2310 [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 19:28:06.0671 0x2310 hyperkbd - ok 19:28:06.0673 0x2310 [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 19:28:06.0680 0x2310 HyperVideo - ok 19:28:06.0683 0x2310 [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 19:28:06.0692 0x2310 i8042prt - ok 19:28:06.0695 0x2310 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 19:28:06.0700 0x2310 iaLPSSi_GPIO - ok 19:28:06.0703 0x2310 [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 19:28:06.0708 0x2310 iaLPSSi_I2C - ok 19:28:06.0720 0x2310 [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 19:28:06.0735 0x2310 iaStorAV - ok 19:28:06.0743 0x2310 [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 19:28:06.0754 0x2310 iaStorV - ok 19:28:06.0762 0x2310 [ 
15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 19:28:06.0774 0x2310 ibbus - ok 19:28:06.0778 0x2310 [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc C:\WINDOWS\System32\tetheringservice.dll 19:28:06.0789 0x2310 icssvc - ok 19:28:06.0791 0x2310 IEEtwCollectorService - ok 19:28:06.0805 0x2310 [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 19:28:06.0830 0x2310 IKEEXT - ok 19:28:06.0888 0x2310 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 19:28:06.0948 0x2310 IntcAzAudAddService - ok 19:28:06.0957 0x2310 [ E42505363945956ECB5D38A4EB21CB39, C6A46A7621721EB1EA46E5F7D2E560D8022A97241F0792814015F803D96A2C92 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 19:28:06.0965 0x2310 Intel(R) PROSet Monitoring Service - ok 19:28:06.0968 0x2310 [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 19:28:06.0974 0x2310 intelide - ok 19:28:06.0976 0x2310 [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 19:28:06.0983 0x2310 intelpep - ok 19:28:06.0988 0x2310 [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 19:28:06.0997 0x2310 intelppm - ok 19:28:07.0001 0x2310 [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys 19:28:07.0007 0x2310 IoQos - ok 19:28:07.0010 0x2310 [ A49E47A6E1429123F46A7CA9C05AEFC1, 
SstpSvc - ok 19:28:11.0013 0x2310 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 19:28:11.0019 0x2310 ssudmdm - ok 19:28:11.0021 0x2310 StarOpen - ok 19:28:11.0056 0x2310 [ 0FC4FA53C3F666CD7AFB138A978D3CB8, F65D88324D6007CE4AAB9486B6D00EE6352CA0F3B1A2D0616811AF1279799501 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 19:28:11.0116 0x2310 StateRepository - ok 19:28:11.0130 0x2310 [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 19:28:11.0145 0x2310 Steam Client Service - ok 19:28:11.0154 0x2310 [ 9F40F66B0315951BC176BE29CABF9408, 5E6FF8C13A048726B8AD727981FE151AEED04C47BC2F0A1A7FFF6248B6A14567 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 19:28:11.0162 0x2310 Stereo Service - ok 19:28:11.0166 0x2310 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 19:28:11.0172 0x2310 stexstor - ok 19:28:11.0183 0x2310 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\WINDOWS\System32\wiaservc.dll 19:28:11.0202 0x2310 stisvc - ok 19:28:11.0206 0x2310 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 19:28:11.0215 0x2310 storahci - ok 19:28:11.0218 0x2310 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 19:28:11.0224 0x2310 storflt - ok 19:28:11.0227 0x2310 [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 19:28:11.0234 0x2310 
stornvme - ok 19:28:11.0236 0x2310 [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 19:28:11.0244 0x2310 storqosflt - ok 19:28:11.0251 0x2310 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\WINDOWS\system32\storsvc.dll 19:28:11.0266 0x2310 StorSvc - ok 19:28:11.0268 0x2310 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 19:28:11.0274 0x2310 storufs - ok 19:28:11.0277 0x2310 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 19:28:11.0282 0x2310 storvsc - ok 19:28:11.0284 0x2310 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\WINDOWS\system32\svsvc.dll 19:28:11.0294 0x2310 svsvc - ok 19:28:11.0300 0x2310 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys 19:28:11.0306 0x2310 swenum - ok 19:28:11.0314 0x2310 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\WINDOWS\System32\swprv.dll 19:28:11.0333 0x2310 swprv - ok 19:28:11.0337 0x2310 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 19:28:11.0344 0x2310 Synth3dVsc - ok 19:28:11.0360 0x2310 [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain C:\WINDOWS\system32\sysmain.dll 19:28:11.0390 0x2310 SysMain - ok 19:28:11.0398 0x2310 [ D5AAA188C70146977CFEE8D128599F3F, 
9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 19:28:11.0413 0x2310 SystemEventsBroker - ok 19:28:11.0419 0x2310 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 19:28:11.0428 0x2310 TabletInputService - ok 19:28:11.0435 0x2310 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:28:11.0448 0x2310 TapiSrv - ok 19:28:11.0481 0x2310 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 19:28:11.0522 0x2310 Tcpip - ok 19:28:11.0555 0x2310 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 19:28:11.0596 0x2310 Tcpip6 - ok 19:28:11.0602 0x2310 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 19:28:11.0611 0x2310 tcpipreg - ok 19:28:11.0615 0x2310 [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 19:28:11.0622 0x2310 tdx - ok 19:28:11.0624 0x2310 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 19:28:11.0630 0x2310 terminpt - ok 19:28:11.0649 0x2310 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\WINDOWS\System32\termsrv.dll 19:28:11.0676 0x2310 TermService - ok 19:28:11.0680 0x2310 [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\WINDOWS\system32\themeservice.dll 19:28:11.0693 
0x2310 Themes - ok 19:28:11.0701 0x2310 [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 19:28:11.0719 0x2310 tiledatamodelsvc - ok 19:28:11.0724 0x2310 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 19:28:11.0735 0x2310 TimeBroker - ok 19:28:11.0740 0x2310 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 19:28:11.0748 0x2310 TPM - ok 19:28:11.0752 0x2310 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\WINDOWS\System32\trkwks.dll 19:28:11.0762 0x2310 TrkWks - ok 19:28:11.0765 0x2310 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 19:28:11.0776 0x2310 TrustedInstaller - ok 19:28:11.0779 0x2310 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 19:28:11.0786 0x2310 TsUsbFlt - ok 19:28:11.0789 0x2310 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 19:28:11.0795 0x2310 TsUsbGD - ok 19:28:11.0799 0x2310 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 19:28:11.0810 0x2310 tunnel - ok 19:28:11.0813 0x2310 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 19:28:11.0819 0x2310 uagp35 - ok 19:28:11.0822 0x2310 [ 13C15E4B238895FE4731DB1D612EEB5F, 
211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 19:28:11.0828 0x2310 UASPStor - ok 19:28:11.0831 0x2310 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 19:28:11.0839 0x2310 UcmCx0101 - ok 19:28:11.0842 0x2310 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 19:28:11.0850 0x2310 UcmUcsi - ok 19:28:11.0855 0x2310 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 19:28:11.0863 0x2310 Ucx01000 - ok 19:28:11.0866 0x2310 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 19:28:11.0873 0x2310 UdeCx - ok 19:28:11.0880 0x2310 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 19:28:11.0895 0x2310 udfs - ok 19:28:11.0898 0x2310 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 19:28:11.0904 0x2310 UEFI - ok 19:28:11.0908 0x2310 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 19:28:11.0917 0x2310 Ufx01000 - ok 19:28:11.0921 0x2310 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 19:28:11.0927 0x2310 UfxChipidea - ok 19:28:11.0931 0x2310 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 19:28:11.0938 0x2310 
ufxsynopsys - ok 19:28:11.0942 0x2310 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 19:28:11.0952 0x2310 UI0Detect - ok 19:28:11.0955 0x2310 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 19:28:11.0962 0x2310 uliagpkx - ok 19:28:11.0967 0x2310 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 19:28:11.0975 0x2310 umbus - ok 19:28:11.0978 0x2310 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 19:28:11.0985 0x2310 UmPass - ok 19:28:11.0991 0x2310 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\WINDOWS\System32\umrdp.dll 19:28:12.0005 0x2310 UmRdpService - ok 19:28:12.0024 0x2310 [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 19:28:12.0055 0x2310 UnistoreSvc - ok 19:28:12.0065 0x2310 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\WINDOWS\System32\upnphost.dll 19:28:12.0083 0x2310 upnphost - ok 19:28:12.0086 0x2310 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys |
02.11.2015, 19:35 | #5 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows on its own
Code:
D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll 19:28:14.0481 0x2310 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll 19:28:14.0492 0x2310 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe 19:28:14.0498 0x2310 [ Global ] - ok 19:28:14.0499 0x2310 ================ Scan MBR ================================= 19:28:14.0536 0x2310 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 19:28:14.0609 0x2310 \Device\Harddisk0\DR0 - ok 19:28:14.0610 0x2310 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 19:28:14.0667 0x2310 \Device\Harddisk1\DR1 - ok 19:28:15.0214 0x2310 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2 19:28:15.0287 0x2310 \Device\Harddisk2\DR2 - ok 19:28:15.0287 0x2310 ================ Scan VBR ================================== 19:28:15.0288 0x2310 [ B31538E4AB09CF2966DBCA78C7BA39F5 ] \Device\Harddisk0\DR0\Partition1 19:28:15.0369 0x2310 \Device\Harddisk0\DR0\Partition1 - ok 19:28:15.0371 0x2310 [ 0CD744ED9B81971041EC30A9F4FD7191 ] \Device\Harddisk1\DR1\Partition1 19:28:15.0372 0x2310 \Device\Harddisk1\DR1\Partition1 - ok 19:28:15.0373 0x2310 [ 0389FFBB8CED55EEFF5C2633A538B520 ] \Device\Harddisk1\DR1\Partition2 19:28:15.0374 0x2310 \Device\Harddisk1\DR1\Partition2 - ok 19:28:15.0375 0x2310 [ 7E58A817E129058B9660CF231CB12AB2 ] \Device\Harddisk2\DR2\Partition1 19:28:15.0460 0x2310 \Device\Harddisk2\DR2\Partition1 - ok 19:28:15.0461 0x2310 ================ Scan generic autorun ====================== 19:28:15.0595 0x2310 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 19:28:15.0720 0x2310 RTHDVCPL - ok 19:28:15.0760 0x2310 [ 463C40BFC0FB8FF59049E2CA78695A40, 
8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 19:28:15.0801 0x2310 NvBackend - ok 19:28:15.0806 0x2310 [ 5DED2A3F11AE916C8F2724947E736261, 35402466FE6D02CC85A27171F55D9F7FD0AAF018D3CC410E46F0B43DCE7EA080 ] C:\WINDOWS\system32\rundll32.exe 19:28:15.0819 0x2310 ShadowPlay - ok 19:28:15.0827 0x2310 [ 7486DEF5CC9334F58871D6D18B73C562, 68079CAEE80FB4A375EF04B6D3335FDE3A223C295D66821D13FFEF0FFD6B80C3 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 19:28:15.0838 0x2310 AdobeAAMUpdater-1.0 - ok 19:28:15.0842 0x2310 [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe 19:28:15.0847 0x2310 iTunesHelper - ok 19:28:15.0878 0x2310 [ 051B5C9492CBAF8AF8BF800A27BE0529, 27674C88CBDE020FD385C4BE81E51D67A5A1824AC6E2F85E0BB13BD6D31815AC ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 19:28:15.0914 0x2310 Adobe Creative Cloud - ok 19:28:15.0920 0x2310 [ 49B12C13247C277EAD4C5C18D03A3636, B28A3EE22232D6E22B76EA64D75005700D5C07EA47E4C39C7913995136214D73 ] C:\Program Files (x86)\PDF24\pdf24.exe 19:28:15.0928 0x2310 PDFPrint - ok 19:28:15.0996 0x2310 [ A04D2F4D72154CBA6AE0CAF11EDE79E7, 17EF1DC93E45CB564B25155BD6A84E91ED99CF6078FB900BA7070660D107592C ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 19:28:16.0079 0x2310 LogMeIn Hamachi Ui - ok 19:28:16.0084 0x2310 [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 19:28:16.0090 0x2310 Avira SystrayStartTrigger - ok 19:28:16.0105 0x2310 [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe 19:28:16.0119 0x2310 avgnt - ok 19:28:16.0244 0x2310 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 
030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:28:16.0360 0x2310 OneDriveSetup - ok 19:28:16.0481 0x2310 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:28:16.0583 0x2310 OneDriveSetup - ok 19:28:16.0598 0x2310 [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Tower\AppData\Local\Microsoft\OneDrive\OneDrive.exe 19:28:16.0611 0x2310 OneDrive - ok 19:28:16.0618 0x2310 [ 6659BE85DD83E17C664C042B3D03C60C, 556DC8369D4D5FD99C2C3FB50116A0A515C8BFEDA5C2F53793848A377930C68D ] C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe 19:28:16.0626 0x2310 cloudmusic - ok 19:28:16.0673 0x2310 [ A6C14453331A9574422A60A74705473A, CDA6BA72A6272471A8FFC8BCC704A14C967E59A6EF94EE09C7916EE40CE1E6BA ] C:\Program Files (x86)\Origin\Origin.exe 19:28:16.0728 0x2310 EADM - ok 19:28:16.0771 0x2310 [ 006A09387926B45CD228BCAE56F7653B, 4D1B1143DD5056DC11D07462318C1CE4378C7077412ABF85717BDA6D872BBEF5 ] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe 19:28:16.0820 0x2310 DAEMON Tools Pro Agent - ok 19:28:16.0877 0x2310 [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe 19:28:16.0944 0x2310 DAEMON Tools Lite Automount - ok 19:28:16.0947 0x2310 Waiting for KSN requests completion. In queue: 210 19:28:17.0948 0x2310 Waiting for KSN requests completion. In queue: 210 19:28:18.0948 0x2310 Waiting for KSN requests completion. In queue: 210 19:28:19.0280 0x1460 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip 19:28:19.0949 0x2310 Waiting for KSN requests completion. In queue: 153 19:28:20.0949 0x2310 Waiting for KSN requests completion. 
In queue: 153 19:28:21.0729 0x1460 Object send P2P result: true 19:28:21.0730 0x1460 Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6 19:28:21.0949 0x2310 Waiting for KSN requests completion. In queue: 152 19:28:22.0949 0x2310 Waiting for KSN requests completion. In queue: 152 19:28:23.0950 0x2310 Waiting for KSN requests completion. In queue: 152 19:28:24.0153 0x1460 Object send P2P result: true 19:28:24.0177 0x1460 Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc 19:28:24.0950 0x2310 Waiting for KSN requests completion. In queue: 44 19:28:25.0951 0x2310 Waiting for KSN requests completion. In queue: 44 19:28:26.0589 0x1460 Object send P2P result: true 19:28:26.0978 0x2310 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated ) 19:28:26.0981 0x2310 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated ) 19:28:26.0994 0x2310 Win FW state via NFP2: enabled ( trusted ) 19:28:29.0361 0x2310 ============================================================ 19:28:29.0361 0x2310 Scan finished 19:28:29.0361 0x2310 ============================================================ 19:28:29.0387 0x2308 Detected object count: 0 19:28:29.0387 0x2308 Actual detected object count: 0 |
03.11.2015, 09:24 | #6 | |
/// TB-Ausbilder | Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
Hi,
Please note for the future:
Quote:
Please download all tools directly to the desktop, or move them there, and run them from the desktop, because our instructions are written with that in mind. This also makes it very easy to remove all the tools used once the cleanup is finished. Leave all tools on the desktop until the end of the cleanup; we may need some of them more than once.
Step 1
Please download AdwCleaner to your desktop.
Step 2
Please download Malwarebytes Anti-Malware
Step 3
Please close your security software to avoid possible conflicts.
Step 4
Please disable your antivirus program, as it can affect the result or possibly interfere with the cleanup. Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
Step 5
Please post with your next reply
|
04.11.2015, 14:48 | #7 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
AdwCleaner log file:
Code:
# AdwCleaner v5.017 - Bericht erstellt am 04/11/2015 um 14:09:51
# Aktualisiert am 03/11/2015 von Xplode
# Datenbank : 2015-11-03.2 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Tower - TOWER-PC
# Gestartet von : C:\Users\Tower\Desktop\AdwCleaner_5.017.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\user.js

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\distromatic
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****

[-] [C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : searchinterneat-a.akamaihd.net

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3018 Bytes] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 04.11.2015
Suchlaufzeit: 14:16
Protokolldatei: Malware bytes2.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.04.03
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Tower

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381796
Abgelaufene Zeit: 4 Min., 34 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Tower on 04.11.2015 at 14:25:03,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\results hub
Successfully deleted: [Folder] C:\ProgramData\results hub

~~~ Chrome

[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: icpgjfneehieebagbmdbhnlpiopdcmna
[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ icpgjfneehieebagbmdbhnlpiopdcmna ]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.11.2015 at 14:26:26,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Zoek.exe v5.0.0.1 Updated 03-November-2015
Tool run by Tower on 04.11.2015 at 14:29:07,02.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tower\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

04.11.2015 14:29:32 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost

==== FireFox Fix ======================

Deleted from C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser//h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA18DB0VXfV9eFElXTwhxJUpNDU0CaUBB");
user_pref("browser.search.defaultenginename", "Default");
user_pref("browser.search.selectedEngine", "Default");

Added to C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com
- Avira SafeSearch Plus - %ProfilePath%\extensions\safesearchplus@avira.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
CA6755C23F8E96E1A237FFB6E1D08B76 - C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data will be reset at reboot
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal will be reset at reboot

==== shortcuts on Users Desktops ======================

C:\Users\Tower\Desktop\DUC (2).lnk - C:\Program Files (x86)\No-IP\DUC40.exe
C:\Users\Tower\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
16\Support\eula\de_DE_eula.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16.lnk - C:\BF4\FIFA 16\fifa16.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Kundendienst.lnk - C:\BF4\FIFA 16\Support\EA Help\Kundendienst.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Readme.lnk - C:\BF4\FIFA 16\Support\readme\readme.de.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\WINDOWS\SysWOW64\msiexec.exe /i {38DAAEA7-903D-4FBF-A5D3-F7EB8F83782A} REMOVE=ALL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe /design C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 
2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk - D:\Games\Minecraft\MinecraftLauncher.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk - C:\Program Files (x86)\Origin\OriginER.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Creator.lnk - C:\Program Files (x86)\PDF24\pdf24-Creator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Fax.lnk - C:\Program Files (x86)\PDF24\pdf24-Fax.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten entfernen.lnk - C:\Program Files (x86)\PDFBearbeiten\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten.lnk - C:\Program Files (x86)\PDFBearbeiten\splash.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk - C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe /removeonly C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Manager.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe -MManager 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Player.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Multimedia player.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Samsung PC Studio 3.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Uninstall Samsung PC Studio 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe /L000407 /removeonly Uninstall C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2 entfernen.lnk - D:\Program Files (x86)\Total War - SHOGUN 2\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2.lnk - D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Liesmich.lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\Readme\Vegas_readme_deu.htm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Kundendienst.lnk - D:\Games\Titanfall\Support\EA Help\Kundendienst.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall Endbenutzer-Lizenzvertrag.lnk - D:\Games\Titanfall\Support\eula\de_DE_eula.rtf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall.lnk - D:\Games\Titanfall\Titanfall.exe C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Winamp\Was ist neu.lnk - C:\Program Files (x86)\Winamp\whatsnew.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Abgesicherter Modus).lnk - C:\Program Files (x86)\Winamp\winamp.exe /SAFE=1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp deinstallieren.lnk - C:\Program Files (x86)\Winamp\uninstwa.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????\???????.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????\?????.lnk - ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CodeBlocks.lnk - C:\Program Files (x86)\CodeBlocks\codeblocks.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet 
Explorer\iexplore.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDF Bearbeiten.lnk - C:\Program Files (x86)\PDFBearbeiten\splash.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Open Broadcaster Software.lnk - C:\Program Files (x86)\OBS\OBS.exe ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) 
==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data" not found
"C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal" not found

==== EOF on 04.11.2015 at 14:31:12,20 ======================

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Tower (Administrator) auf TOWER-PC (04-11-2015 14:32:25)
Gestartet von C:\Users\Tower\Desktop
Geladene Profile: Tower (Verfügbare Profile: Tower)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.)
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\System32\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\Tower\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default FF NewTab: about:newtab FF Homepage: about:home FF Plugin: @esn/npbattlelog,version=2.7.1 -> 
C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems) FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert] FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert] Chrome: ======= CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> Avira CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Avira Browser Safety) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-04] CHR Extension: (Avira SafeSearch) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR 
HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. 
KG) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-04 14:31 - 2015-11-04 14:31 - 00032719 _____ C:\Users\Tower\Desktop\zoek-results.txt 2015-11-04 14:31 - 2015-11-04 14:31 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin 2015-11-04 14:30 - 2015-11-04 14:29 - 00024064 _____ C:\WINDOWS\zoek-delete.exe 2015-11-04 14:29 - 2015-11-04 14:31 - 00032719 _____ C:\zoek-results.log 2015-11-04 14:29 - 2015-11-04 14:29 - 00000000 ____D C:\zoek_backup 2015-11-04 14:28 - 2015-11-04 14:29 - 01309184 _____ C:\Users\Tower\Desktop\zoek.exe 2015-11-04 14:27 - 2015-11-04 14:27 - 00001286 _____ C:\Users\Tower\Desktop\JRT2.txt 2015-11-04 14:26 - 2015-11-04 14:26 - 00001286 _____ C:\Users\Tower\Desktop\JRT.txt 2015-11-04 14:23 - 2015-11-04 14:23 - 01798976 _____ (Malwarebytes) C:\Users\Tower\Desktop\JRT.exe 2015-11-04 14:21 - 2015-11-04 14:21 - 00001205 _____ C:\Users\Tower\Desktop\Malware bytes2.txt 2015-11-04 14:15 - 2015-11-04 14:15 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-2.2.0.1024.exe 2015-11-04 14:15 - 2015-11-04 14:15 - 00003121 _____ C:\Users\Tower\Desktop\AdwCleaner[C1].txt 2015-11-04 14:09 - 2015-11-04 14:09 - 00000000 ____D C:\AdwCleaner 2015-11-04 14:07 - 2015-11-04 14:07 - 01708032 _____ C:\Users\Tower\Desktop\AdwCleaner_5.017.exe 2015-11-02 19:26 - 2015-11-02 19:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tower\Desktop\tdsskiller.exe 2015-11-02 19:20 - 2015-11-04 14:32 - 00019461 _____ C:\Users\Tower\Desktop\FRST.txt 2015-11-02 19:20 - 2015-11-02 19:20 - 00058113 _____ C:\Users\Tower\Desktop\Addition.txt 2015-11-02 19:19 - 2015-11-04 14:32 - 00000000 ____D C:\FRST 2015-11-02 19:19 - 2015-11-02 19:19 - 00061499 _____ C:\Users\Tower\Downloads\FRST.txt 2015-11-02 19:19 - 2015-11-02 19:19 - 00058113 _____ C:\Users\Tower\Downloads\Addition.txt 2015-11-02 19:18 - 2015-11-02 19:19 - 02198016 _____ (Farbar) C:\Users\Tower\Desktop\FRST64.exe 2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt 2015-11-02 15:24 - 2015-11-02 
15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira 2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira 2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira 2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe 2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk 2015-11-02 14:05 - 2015-11-04 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe 2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt 2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe 2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe 2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso 2015-10-30 13:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-10-30 13:57 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-30 13:57 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-10-30 13:57 
- 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-10-30 13:57 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-10-30 13:57 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-10-30 13:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-30 13:57 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-10-30 13:57 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-10-30 13:57 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-10-30 13:57 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-10-30 13:57 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-10-30 13:57 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-10-30 13:57 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-10-30 13:57 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-10-30 13:57 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-10-30 13:57 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-10-30 13:57 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-10-30 13:57 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-10-30 13:57 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-10-30 13:57 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-10-30 13:57 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-10-30 13:57 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-10-30 13:57 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-10-30 13:57 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-30 13:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-30 13:57 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-10-30 13:57 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-30 13:57 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-10-30 13:57 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-30 13:57 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-10-30 13:57 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-10-30 13:57 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-10-30 13:57 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx 2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini 2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files 
(x86)\ControlCenter4 2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02 2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll 2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll 2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll 2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll 2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll 2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield 2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother 2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE 2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk 2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp 2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp 2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) 
C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe 2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe 2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner 2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys 2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys 2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip 2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-14 15:31 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-10-14 15:31 - 2015-09-25 04:56 - 
22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2015-10-14 15:31 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-10-14 15:31 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-14 15:31 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\UserDataService.dll 2015-10-14 15:31 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-14 15:31 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-10-14 15:31 - 
2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2015-10-14 15:31 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-10-14 15:31 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED 2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent 2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe 2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment 2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0 2015-10-11 13:24 - 2015-10-11 13:24 - 00001072 _____ C:\Users\Tower\Desktop\DUC (2).lnk 2015-10-11 12:38 - 
2015-11-04 14:31 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi 2015-10-11 12:37 - 2015-10-27 14:33 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2015-10-11 12:37 - 2015-10-11 12:37 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383(1).msi 2015-10-11 12:19 - 2015-10-11 13:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC 2015-10-11 12:19 - 2015-10-11 12:19 - 00241720 _____ C:\Users\Tower\Downloads\DUCSetup_v4_1_1.exe 2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Users\Tower\AppData\Local\Vitalwerks 2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Program Files (x86)\No-IP 2015-10-11 12:03 - 2015-10-11 12:04 - 00000000 ____D C:\Users\Tower\Downloads\sd 2015-10-10 23:29 - 2015-10-16 11:44 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da 2015-10-10 23:29 - 2015-10-10 23:30 - 00000000 ____D C:\Users\Tower\Downloads\Neuer Ordner 2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn 2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\ProgramData\LogMeIn 2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383.msi 2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383 (1).msi 2015-10-10 15:38 - 2015-10-10 15:39 - 00000185 _____ C:\Users\Tower\Downloads\eula.txt 2015-10-10 15:38 - 2015-10-10 15:38 - 00000062 _____ C:\Users\Tower\Downloads\server.properties 2015-10-10 15:28 - 2015-10-10 15:38 - 08718628 _____ C:\Users\Tower\Downloads\minecraft_server.1.8.8.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 30984104 _____ (Oracle Corporation) C:\Users\Tower\Downloads\jre-7u60-windows-x64.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ 
(Oracle Corporation) C:\WINDOWS\system32\java.exe 2015-10-10 14:45 - 2015-10-10 14:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2015-10-10 14:45 - 2015-10-10 14:45 - 00000702 _____ C:\Users\Public\Desktop\Titanfall.lnk 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Sun 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Program Files\Java 2015-10-10 13:38 - 2015-10-11 12:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\.minecraft 2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\java 2015-10-10 13:37 - 2015-10-10 13:37 - 02314240 _____ C:\Users\Tower\Downloads\MinecraftInstaller.msi 2015-10-10 13:37 - 2015-10-10 13:37 - 00000728 _____ C:\Users\Public\Desktop\Minecraft.lnk 2015-10-10 13:37 - 2015-10-10 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-10-09 20:14 - 2015-10-09 20:14 - 00000000 ____D C:\Users\Tower\Documents\Rockstar Games 2015-10-09 20:13 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files\Rockstar Games 2015-10-09 20:12 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\Reference Assemblies 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\MSBuild 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\MSBuild 2015-10-09 20:11 - 2015-06-17 17:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2015-10-09 20:11 - 
2015-06-17 17:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2015-10-09 20:11 - 2015-06-17 17:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2015-10-09 20:11 - 2015-05-29 20:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2015-10-09 20:11 - 2015-05-29 20:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-10-09 20:11 - 2015-05-29 20:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2015-10-08 14:29 - 2015-10-08 14:30 - 00000000 ____D C:\Users\Tower\Documents\STAR WARS Battlefront Beta 2015-10-08 02:51 - 2015-10-08 03:06 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Teeworlds 2015-10-08 02:40 - 2015-10-08 02:41 - 39968152 _____ (Activision ) C:\Users\Tower\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe 2015-10-08 02:40 - 2015-10-08 02:40 - 296330688 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.6-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:41 - 72328877 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:41 - 14544960 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.3-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 14532064 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.2-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 11167560 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-1.5mp-patchsetup.exe 2015-10-08 02:39 - 2015-10-08 02:40 - 11149280 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.1-patchsetup.exe 2015-10-08 00:16 - 2015-11-02 18:02 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET 2015-10-08 00:07 - 2015-10-08 00:07 - 00000823 _____ C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk 2015-10-08 00:07 - 2015-10-08 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2015-10-07 23:50 - 2015-10-07 23:50 - 00000000 ____D 
C:\Users\Tower\AppData\Local\Disc_Soft_Ltd 2015-10-07 23:44 - 2015-03-13 17:52 - 00015159 _____ C:\Users\Tower\Desktop\prophet.nfo 2015-10-07 23:43 - 2015-10-07 23:43 - 00000000 ____D C:\ProgramData\Steam 2015-10-07 21:43 - 2015-10-07 21:44 - 00000000 ____D C:\Users\Tower\AppData\Roaming\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2015-10-07 21:43 - 2015-10-07 21:43 - 00001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller.exe 2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) 
C:\Users\Tower\Downloads\DT101LiteInstaller (1).exe 2015-10-07 20:09 - 2015-10-07 20:24 - 00000000 ____D C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET 2015-10-07 20:08 - 2015-10-07 20:08 - 00044495 _____ C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET-[rarbg.com].torrent 2015-10-07 19:54 - 2015-10-07 19:55 - 00008431 _____ C:\Users\Tower\Downloads\mpdata 2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk 2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk 2015-10-07 19:47 - 2015-10-07 19:47 - 00000331 _____ C:\WINDOWS\game.ini 2015-10-07 19:47 - 2015-10-07 19:47 - 00000175 _____ C:\WINDOWS\DXError.log 2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision 2015-10-07 19:46 - 2015-10-07 19:46 - 00000000 ____D C:\Program Files (x86)\Activision 2015-10-07 19:23 - 2015-10-13 15:29 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent 2015-10-07 19:23 - 2015-10-07 19:37 - 00000000 ____D C:\Users\Tower\Downloads\cod torrentti 2015-10-07 19:23 - 2015-10-07 19:23 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen (1).torrent 2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\Desktop\µTorrent.lnk 2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk 2015-10-07 19:21 - 2015-10-13 22:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent 2015-10-07 19:21 - 2015-10-07 19:21 - 01822048 _____ (BitTorrent Inc.) 
C:\Users\Tower\Downloads\uTorrent.exe 2015-10-07 19:20 - 2015-10-07 19:20 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen.torrent 2015-10-06 17:55 - 2015-10-08 22:33 - 00002270 _____ C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-04 14:31 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-11-04 14:31 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin 2015-11-04 14:31 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-04 14:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-04 14:30 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-11-04 14:30 - 2015-08-12 11:19 - 00193510 _____ C:\WINDOWS\PFRO.log 2015-11-04 14:30 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-04 14:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-04 14:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-04 14:18 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-04 14:18 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-04 14:18 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-04 14:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-04 11:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-04 11:58 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0} 2015-11-04 11:56 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe 2015-11-02 21:31 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client 2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D 
C:\ProgramData\Package Cache 2015-11-01 19:26 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3 2015-11-01 17:17 - 2015-08-24 19:09 - 00011217 _____ C:\WINDOWS\setupact.log 2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive 2015-11-01 16:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-30 14:03 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net 2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin 2015-10-25 22:39 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower 2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log 2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games 2015-10-16 11:55 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db 2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-14 15:45 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-14 15:43 - 2015-08-12 08:21 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 
2015-10-10 19:04 - 2015-08-16 14:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe 2015-10-10 19:04 - 2015-08-16 14:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2015-10-10 14:09 - 2015-08-29 15:08 - 00000000 ____D C:\BF4 2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\MUI 2015-10-08 11:50 - 2015-08-12 11:36 - 00000000 ____D C:\Users\Tower\AppData\Local\Steam 2015-10-08 01:32 - 2015-08-12 07:57 - 00000000 ____D C:\Users\Tower\AppData\Local\VirtualStore 2015-10-07 19:57 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\sounds 2015-10-06 20:16 - 2015-09-04 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\OBS 2015-10-06 17:31 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\lib ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll 2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt 2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Tower\AppData\Local\Temp\avgnt.exe C:\Users\Tower\AppData\Local\Temp\bitool.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-1231831953736236263.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-2147131273227054406.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3088701552036717022.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3886152149526835255.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-5515511938404337857.dll C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-7782766279733068079.dll C:\Users\Tower\AppData\Local\Temp\msvcp90.dll 
C:\Users\Tower\AppData\Local\Temp\msvcr90.dll C:\Users\Tower\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Tower\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Tower\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-28 17:50 ==================== Ende von FRST.txt ============================ |
04.11.2015, 14:49 | #8 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015 durchgeführt von Tower (2015-11-04 14:33:04) Gestartet von C:\Users\Tower\Desktop Windows 10 Home (X64) (2015-08-12 10:25:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled) Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled) Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) 
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd) Divinity: Original Sin (HKLM-x32\...\Steam App 
230230) (Version: - Larian Studios) FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts) Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7) FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Reloaded Games) HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com) Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel) IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan) iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) 
Hidden Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 
14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla) MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH) Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.) 
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net) PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games) PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version: - Ubisoft) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games) SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - ) SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - ) Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - ) SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - ) SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - ) Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) 
Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version: - ) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) Teeworlds (HKLM-x32\...\Steam App 380840) (Version: - Teeworlds Team) This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version: - ) Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version: - Frozenbyte) Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft) Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) 网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Wiederherstellungspunkte ========================= 20-10-2015 15:45:51 Windows Update 24-10-2015 02:41:09 DirectX wurde installiert 27-10-2015 14:53:02 Installiert Brother Software Suite 04-11-2015 14:25:03 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2015-11-04 14:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.) 
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {AC4A6034-9A87-49DA-9CD9-E5E4EC53DFB6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation) Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ 
() C:\WINDOWS\system32\PnkBstrA.exe 2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll 2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll 2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll 2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll 2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-08-12 11:20 - 2015-11-04 14:30 - 00038544 _____ 
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll 2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2015-08-16 19:31 - 2015-10-27 
14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: 
[{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => 
(Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) 
D:\Games\steamapps\common\Trine 3\trine3_launcher.exe FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe 
FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: 
[{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) 
C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: 
[{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{8B9E0380-799D-4102-A481-C34A283A2584}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{B7631C0D-93B7-44D9-ACA3-5D5F47FEA85E}] => (Allow) 
D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe FirewallRules: [{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Tower-PC.local. Addr 192.168.0.10 Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 Tower-PC.local. AAAA 2A02:810D:29BF:ED58:F01C:688F:9F5C:8E46 Error: (11/04/2015 02:25:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Tower-PC.local. Addr 192.168.0.10 Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 Tower-PC.local. 
AAAA 2A02:810D:29BF:ED58:F01C:688F:9F5C:8E46 Error: (11/02/2015 04:45:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd Ausnahmecode: 0xc0000005 Fehleroffset: 0x00043612 ID des fehlerhaften Prozesses: 0x17e0 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (11/01/2015 11:43:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/01/2015 11:17:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (11/04/2015 02:30:51 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/04/2015 02:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/04/2015 02:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
CodeIntegrity: =================================== Date: 2015-11-01 21:33:39.326 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 21:33:39.318 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 18:41:14.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 18:41:14.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 17:24:20.935 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-01 17:24:20.924 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-11-01 16:37:41.302 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-29 19:26:56.311 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-28 17:50:46.255 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-26 18:56:55.660 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Prozentuale Nutzung des RAM: 18% Installierter physikalischer RAM: 16326.53 MB Verfügbarer physikalischer RAM: 13277 MB Summe virtueller Speicher: 18758.53 MB Verfügbarer virtueller Speicher: 15075.54 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:232.1 GB) (Free:54.65 GB) NTFS Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1059.53 GB) NTFS Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================
The problem persists. Thank you |
05.11.2015, 13:15 | #9 |
/// TB trainer | Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
Hi, in which browser does the problem currently occur?
|
10.11.2015, 15:51 | #10 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version:05-11-2015 durchgeführt von Tower (2015-11-07 02:02:48) Gestartet von C:\Users\Tower\Desktop Start-Modus: Normal ================== Registry-Suche: "akamaihd;results hub;resultshub" =========== ===================== Suchergebnis für "akamaihd" ========== [HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs] "url1"="hxxp://192.168.0.1/index.html?zteRurl=searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA1oDB0VXfVtUBlpXTwhxJUpNDU0CaUBB?zteRurl=#home" ===================== Suchergebnis für "resultshub" ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}] "LocalService"="Service Mgr ResultsHub" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}] "LocalService"="Service Mgr ResultsHub" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}] "LocalService"="Service Mgr ResultsHub" ====== Ende von Suche ====== |
10.11.2015, 16:57 | #11 |
/// TB trainer | Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
Hi,
Note: The scan with ESET can take a while.
Step 0 Start AdwCleaner; the program will tell you that a new version is available. Click OK and download the latest version. Run AdwCleaner again (Scan > Delete) and post the new log file.
Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
ATTFilter
start
CloseProcesses:
Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
CMD: reg delete "HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /f
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download ZHPCleaner to your desktop.
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4 ESET Online Scanner
Please post with your next reply
Edited by M-K-D-B (10.11.2015 at 17:03) |
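A read-only way to re-check, after the fix has run, the registry locations named in the FRST registry search and the fixlist above; this is an added example, not part of any forum post and not FRST's own code. The SID, GUID, key paths and search terms are copied from the logs in this thread; the helper name `Get-RegValues` is hypothetical, and the proxy value names are the standard per-user WinINET settings, which the thread itself does not list.

```powershell
# Added example: read-only re-check of the registry locations named in this thread.
# Nothing is written or deleted. Run from an elevated PowerShell session while the
# affected user is logged on (otherwise the HKEY_USERS\<SID> hive is not loaded).

$Sid       = 'S-1-5-21-2297507985-1758812650-2133870427-1001'  # user SID from the FRST search result
$AppIdGuid = '{112732dc-ea3d-4d9d-bb68-652be21810c2}'          # AppID key named in the fixlist
$Needles   = 'akamaihd', 'results hub', 'resultshub'           # FRST registry search terms

$UserRoot  = "Registry::HKEY_USERS\$Sid\SOFTWARE\Microsoft"
$TypedUrls = "$UserRoot\Internet Explorer\TypedURLs"
$InetSet   = "$UserRoot\Windows\CurrentVersion\Internet Settings"

# The fixlist deletes only the first path; the search result listed all three.
$AppIdKeys = @(
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\$AppIdGuid"
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\$AppIdGuid"
    "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\$AppIdGuid"
)

# Hypothetical helper: emit every value of a key as an object; emits nothing if the key is absent.
function Get-RegValues {
    param([Parameter(Mandatory)][string]$LiteralPath)
    if (-not (Test-Path -LiteralPath $LiteralPath)) { return }
    $key = Get-Item -LiteralPath $LiteralPath
    foreach ($name in $key.GetValueNames()) {
        [pscustomobject]@{
            Key   = $key.Name
            Name  = $name
            Value = [string]$key.GetValue($name)
        }
    }
}

$findings = @()

# 1. Typed URLs that still contain a search term (the fixlist removed only the value "url1").
foreach ($v in Get-RegValues -LiteralPath $TypedUrls) {
    foreach ($needle in $Needles) {
        if ($v.Value -like "*$needle*") {
            $findings += [pscustomobject]@{ Check = 'TypedURLs'; Detail = "$($v.Name) = $($v.Value)" }
            break
        }
    }
}

# 2. AppID keys that still exist under any of the three paths.
foreach ($path in $AppIdKeys) {
    if (Test-Path -LiteralPath $path) {
        $svc = (Get-Item -LiteralPath $path).GetValue('LocalService')
        $findings += [pscustomobject]@{ Check = 'AppID'; Detail = "$path (LocalService = $svc)" }
    }
}

# 3. Per-user proxy configuration that is set after RemoveProxy has run.
foreach ($v in Get-RegValues -LiteralPath $InetSet) {
    $hasProxyTarget = ($v.Name -in 'ProxyServer', 'AutoConfigURL') -and $v.Value
    $proxyEnabled   = ($v.Name -eq 'ProxyEnable') -and ($v.Value -ne '0')
    if ($hasProxyTarget -or $proxyEnabled) {
        $findings += [pscustomobject]@{ Check = 'Proxy'; Detail = "$($v.Name) = $($v.Value)" }
    }
}

if ($findings.Count -eq 0) {
    'No leftovers found in the checked locations.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```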
11.11.2015, 15:28 | #12 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows by itself
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.019 - Bericht erstellt am 11/11/2015 um 13:53:30
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-09.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Tower - TOWER-PC
# Gestartet von : C:\Users\Tower\Desktop\adwcleaner_5.019.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [616 Bytes] ##########
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015 durchgeführt von Tower (2015-11-11 13:56:12) Run:1 Gestartet von C:\Users\Tower\Desktop Geladene Profile: Tower (Verfügbare Profile: Tower) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2} CMD: reg delete 
"HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /f RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3103A7F7-47E1-45AA-BB56-31DEE52C63F0}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3103A7F7-47E1-45AA-BB56-31DEE52C63F0}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37EADF21-3C7F-48E8-8C9C-4445B3436696}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37EADF21-3C7F-48E8-8C9C-4445B3436696}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3CD9976C-156F-4F90-81D0-1E6EE8B7089D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CD9976C-156F-4F90-81D0-1E6EE8B7089D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{405A312C-32D4-4C21-A517-8611DDF46B42}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405A312C-32D4-4C21-A517-8611DDF46B42}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{482CCEFB-1C55-48DE-8049-C553467578E1}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482CCEFB-1C55-48DE-8049-C553467578E1}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FD55ECE-FA49-4715-AD46-B307532B1748}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FD55ECE-FA49-4715-AD46-B307532B1748}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67044DCA-FB30-4576-96AB-C6094527DB3F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67044DCA-FB30-4576-96AB-C6094527DB3F}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Logon\{9D3219E3-DCAD-435B-8E70-8C706263AD67}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D3219E3-DCAD-435B-8E70-8C706263AD67}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7D86003-6247-4CAE-B201-7FE1E63430B3}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7D86003-6247-4CAE-B201-7FE1E63430B3}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D277D2C2-149D-4398-94F0-E54DAE68B6D2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D277D2C2-149D-4398-94F0-E54DAE68B6D2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2} => Schlüssel erfolgreich entfernt ========= reg delete "HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet 
Explorer\TypedURLs" /v url1 /f ========= Der Vorgang wurde erfolgreich beendet. ========= Ende von CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurückgesetzt. Sie müssen den Computer neu starten, um den Vorgang abzuschließen. ========= Ende von CMD: ========= EmptyTemp: => 1.4 GB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 13:57:16 ==== Code:
ATTFilter ~ ZHPCleaner v2015.11.11.376 by Nicolas Coolman (2015/11/11) ~ Run by Tower (Administrator) (11/11/2015 14:05:22) ~ Site : hxxp://www.nicolascoolman.fr ~ Facebook : https://www.facebook.com/nicolascoolman1 ~ State version : Version OK ~ Type : Scanner ~ Report : C:\Users\Tower\Desktop\ZHPCleaner.txt ~ Quarantine : C:\Users\Tower\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt ~ UAC : Activate ~ Boot Mode : Normal (Normal boot) Windows 10 Home, 64-bit (Build 10240) ---\\ Dienst. (0) ~ Alle bösartigen oder unnötige Element gefunden. ---\\ Browser. (0) ~ Alle bösartigen oder unnötige Element gefunden. ---\\ Datei Host. (2) GEFUNDEN: ~ Anzahl der Weiterleitungen gefunden1/20 ---\\ Geplante Tasks (0) ~ Alle bösartigen oder unnötige Element gefunden. ---\\ Explorer (Ordner, Dateien). (18) GEFUNDEN Datei: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS GEFUNDEN Datei: C:\ProgramData\Microsoft Toolkit\Settings.xml =>HackTool.AutoKMS GEFUNDEN Ordner: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS GEFUNDEN Ordner: C:\WINDOWS\AutoKMS =>HackTool.AutoKMS GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE1AE.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE328.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE3C9.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE457.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE4D5.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE582.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE6AC.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE739.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE7B7.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIECA1.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIED2F.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEDAD.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEE2B.tmp- =>Empty GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEE9A.tmp- =>Empty ---\\ Registrierung (Schlüssel, Werte, Daten). (0) ~ Alle bösartigen oder unnötige Element gefunden. 
---\\Reparieren Check ~ keine Reparaturen. ~ dieser Browser fehlt (Google Chrome) ~ dieser Browser fehlt (Opera Software) ---\\Statistiken ~ Elemente gescannt : 95099 ~ Einträge gefunden : 21 ~ Elemente abgesagt : 0 ~ Elemente repariert : 0 ~ End of search in 2 minutes =================== ZHPCleaner-[S]-11112015-14_08_13.txt Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=1e31a1de79a9f34380d75ebec5d196f2 # end=init # utc_time=2015-11-11 01:16:25 # local_time=2015-11-11 02:16:25 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 26674 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=1e31a1de79a9f34380d75ebec5d196f2 # end=updated # utc_time=2015-11-11 01:18:25 # local_time=2015-11-11 02:18:25 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=1e31a1de79a9f34380d75ebec5d196f2 # engine=26674 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-11-11 02:26:43 # local_time=2015-11-11 03:26:43 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 11596 10726015 0 0 # scanned=342301 # found=1 # cleaned=0 # scan_time=4098 sh=6D8DEB6A0C5052D5C2DE108B4DD18103F8561432 ft=1 fh=d429baf8742ea515 vn="Win32/Somoto.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCache\IE\V7KE23AR\BiTool[1].dll" |
11.11.2015, 16:06 | #13 |
/// TB-Ausbilder | Virus name: "searchinterneat-a.akamaihd". Opens browser windows on its own
Hi, please download Shortcut Cleaner (by Grinler) to your desktop.
Let me know whether tabs with "akamaihd" still open afterwards.
|
11.11.2015, 17:57 | #14 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows on its own
Code:
ATTFilter Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler) hxxp://www.bleepingcomputer.com/ Copyright 2008-2015 BleepingComputer.com More Information about Shortcut Cleaner can be found at this link: hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/ Windows Version: Windows 10 Home Program started at: 11/11/2015 05:53:29 PM. Scanning for registry hijacks: * No issues found in the Registry. Searching for Hijacked Shortcuts: Searching C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\ Searching C:\ProgramData\Microsoft\Windows\Start Menu\ Searching C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ Searching C:\Users\Public\Desktop\ Searching C:\Users\Tower\Desktop\ Searching C:\Users\Public\Desktop\ 0 bad shortcuts found. Program finished at: 11/11/2015 05:53:30 PM Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s) FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015 durchgeführt von Tower (Administrator) auf TOWER-PC (11-11-2015 17:54:41) Gestartet von C:\Users\Tower\Desktop Geladene Profile: Tower (Verfügbare Profile: Tower) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\System32\PnkBstrA.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (LogMeIn Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe () C:\Users\Tower\Desktop\ZHPCleaner.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.) 
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{19d1f25f-d8ef-4596-925b-0d54695feb79}: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default FF 
NewTab: about:newtab FF Homepage: about:home FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] () FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems) FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert] FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert] Chrome: ======= CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Profile 1 -> Avira CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Drive) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11] CHR Extension: (Adblock Plus) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-10] CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR 
HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) 
[Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] () R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] () R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () S3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-11-11 17:53 - 2015-11-11 17:53 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Tower\Downloads\sc-cleaner.exe
2015-11-11 17:53 - 2015-11-11 17:53 - 00001832 _____ C:\Users\Tower\Desktop\sc-cleaner.txt
2015-11-11 17:48 - 2015-11-11 17:48 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin
2015-11-11 14:16 - 2015-11-11 14:16 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-11 14:15 - 2015-11-11 14:16 - 02870984 _____ (ESET) C:\Users\Tower\Downloads\esetsmartinstaller_deu.exe
2015-11-11 14:14 - 2015-11-11 14:14 - 00011014 _____ C:\Users\Tower\Desktop\HitmanPro_20151111_1414.log
2015-11-11 14:12 - 2015-11-11 14:14 - 00000000 ____D C:\ProgramData\HitmanPro
2015-11-11 14:10 - 2015-11-11 14:12 - 11337112 _____ (SurfRight B.V.) C:\Users\Tower\Desktop\HitmanPro_x64.exe
2015-11-11 14:04 - 2015-11-11 14:08 - 00000000 ____D C:\Users\Tower\AppData\Roaming\ZHP
2015-11-11 14:04 - 2015-11-11 14:05 - 00000913 _____ C:\Users\Tower\Desktop\ZHPCleaner.lnk
2015-11-11 14:03 - 2015-11-11 14:04 - 01875968 _____ C:\Users\Tower\Desktop\ZHPCleaner.exe
2015-11-11 13:51 - 2015-11-11 13:53 - 01712128 _____ C:\Users\Tower\Desktop\adwcleaner_5.019.exe
2015-11-11 13:15 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 13:15 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 13:15 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 13:15 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 13:15 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 13:15 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 13:15 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 13:15 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 13:15 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 13:15 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 13:15 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 13:15 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 13:15 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 13:15 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 13:15 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 13:14 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 13:14 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 13:14 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 13:14 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 13:14 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 13:14 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 13:14 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 13:14 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 13:14 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 13:14 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 13:14 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 13:14 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 13:14 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 13:14 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 13:14 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 13:14 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 13:14 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 13:14 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 13:14 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 13:14 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 13:14 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 13:14 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 13:14 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 13:14 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 13:14 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 13:14 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 13:14 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 13:14 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 13:14 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 13:14 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 13:14 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 13:14 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 13:14 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 13:14 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 13:14 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 10919784 _____ C:\WINDOWS\SysWOW64\LogiDPP.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 10919784 _____ C:\WINDOWS\system32\LogiDPP.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 04758176 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvuvc64.sys
2015-11-10 15:48 - 2015-11-10 15:48 - 00768288 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00560416 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUIRC64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00542568 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00538472 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2RC.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00351520 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvrs64.sys
2015-11-10 15:48 - 2015-11-10 15:48 - 00336232 _____ C:\WINDOWS\SysWOW64\DevManagerCore.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00336232 _____ C:\WINDOWS\system32\DevManagerCore.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00305000 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\lvcodec2.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00266828 _____ C:\WINDOWS\system32\Drivers\LVAFT.cfg
2015-11-10 15:48 - 2015-11-10 15:48 - 00262432 _____ (Logitech Inc.) C:\WINDOWS\system32\lvco1380853.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00175392 _____ (Logitech Inc.) C:\WINDOWS\system32\lvcod64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00103272 _____ C:\WINDOWS\SysWOW64\LogiDPPApp.exe
2015-11-10 15:48 - 2015-11-10 15:48 - 00103272 _____ C:\WINDOWS\system32\LogiDPPApp.exe
2015-11-10 15:48 - 2015-11-10 15:48 - 00040398 _____ C:\WINDOWS\system32\Repository.reg
2015-11-10 15:48 - 2015-11-10 15:48 - 00029494 _____ C:\WINDOWS\system32\lvcoin64.ini
2015-11-10 15:48 - 2015-11-10 15:48 - 00006943 _____ C:\WINDOWS\system32\lvcoinst.log
2015-11-10 15:48 - 2015-11-10 15:48 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-11-08 22:47 - 2015-11-08 22:47 - 00000000 ____D C:\Users\Tower\AppData\Roaming\aacs
2015-11-08 22:13 - 2015-11-08 22:13 - 00000000 ____D C:\Users\Tower\AppData\Roaming\dvdcss
2015-11-08 22:12 - 2015-11-08 22:13 - 00000000 ____D C:\Users\Tower\AppData\Local\Cyberlink
2015-11-08 22:04 - 2015-11-08 22:12 - 00000000 ____D C:\Users\Tower\Documents\CyberLink
2015-11-08 22:04 - 2015-11-08 22:04 - 00000000 ____D C:\Users\Tower\AppData\Roaming\CyberLink
2015-11-08 22:03 - 2015-11-08 22:48 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-07 02:45 - 2015-11-07 02:45 - 00001123 _____ C:\Users\Tower\Desktop\Dasposten.txt
2015-11-07 02:02 - 2015-11-07 02:02 - 00001123 _____ C:\Users\Tower\Desktop\Search.txt
2015-11-07 02:01 - 2015-11-07 02:01 - 00000000 ____D C:\Users\Tower\Desktop\FRST-OlderVersion
2015-11-07 00:18 - 2015-11-07 00:18 - 00000000 ____D C:\Users\Tower\AppData\Local\NetworkTiles
2015-11-07 00:12 - 2013-11-20 12:43 - 02702336 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athuwbx.sys
2015-11-07 00:11 - 2015-11-07 00:08 - 07368965 _____ C:\Users\Tower\Desktop\TL-WN721N_V1_140915.zip
2015-11-04 14:31 - 2015-11-04 14:31 - 00032719 _____ C:\Users\Tower\Desktop\zoek-results.txt
2015-11-04 14:30 - 2015-11-04 14:29 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-04 14:29 - 2015-11-04 14:31 - 00032719 _____ C:\zoek-results.log
2015-11-04 14:29 - 2015-11-04 14:29 - 00000000 ____D C:\zoek_backup
2015-11-04 14:28 - 2015-11-04 14:29 - 01309184 _____ C:\Users\Tower\Desktop\zoek.exe
2015-11-04 14:27 - 2015-11-04 14:27 - 00001286 _____ C:\Users\Tower\Desktop\JRT2.txt
2015-11-04 14:26 - 2015-11-04 14:26 - 00001286 _____ C:\Users\Tower\Desktop\JRT.txt
2015-11-04 14:23 - 2015-11-04 14:23 - 01798976 _____ (Malwarebytes) C:\Users\Tower\Desktop\JRT.exe
2015-11-04 14:21 - 2015-11-04 14:21 - 00001205 _____ C:\Users\Tower\Desktop\Malware bytes2.txt
2015-11-04 14:15 - 2015-11-04 14:15 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-04 14:15 - 2015-11-04 14:15 - 00003121 _____ C:\Users\Tower\Desktop\AdwCleaner[C1].txt
2015-11-04 14:09 - 2015-11-11 13:53 - 00000000 ____D C:\AdwCleaner
2015-11-02 19:26 - 2015-11-02 19:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tower\Desktop\tdsskiller.exe
2015-11-02 19:20 - 2015-11-11 17:54 - 00020691 _____ C:\Users\Tower\Desktop\FRST.txt
2015-11-02 19:20 - 2015-11-04 14:33 - 00051512 _____ C:\Users\Tower\Desktop\Addition.txt
2015-11-02 19:19 - 2015-11-11 17:54 - 00000000 ____D C:\FRST
2015-11-02 19:19 - 2015-11-02 19:19 - 00061499 _____ C:\Users\Tower\Downloads\FRST.txt
2015-11-02 19:19 - 2015-11-02 19:19 - 00058113 _____ C:\Users\Tower\Downloads\Addition.txt
2015-11-02 19:18 - 2015-11-07 02:01 - 02198528 _____ (Farbar) C:\Users\Tower\Desktop\FRST64.exe
2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt
2015-11-02 15:24 - 2015-11-02 15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira
2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe
2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk
2015-11-02 14:05 - 2015-11-04 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt
2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe
2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso
2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini
2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02
2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother
2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp
2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe
2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner
2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip
2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED
2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent
2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 17:43 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-11 17:38 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3
2015-11-11 17:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-11 17:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-11 14:22 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 14:21 - 2015-08-12 08:21 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 14:06 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0}
2015-11-11 14:04 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-11 14:04 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-11 14:04 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-11 14:01 - 2015-10-11 12:38 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi
2015-11-11 14:01 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-11 14:01 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-11 14:01 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db
2015-11-11 14:01 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-11 13:58 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-11 13:58 - 2015-08-12 11:19 - 00194264 _____ C:\WINDOWS\PFRO.log
2015-11-11 13:58 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-11 13:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-11 13:57 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 13:56 - 2015-09-02 11:13 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Temp
2015-11-11 13:28 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe
2015-11-11 13:19 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 22:01 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client
2015-11-10 19:33 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-10 15:48 - 2015-08-24 19:09 - 00013119 _____ C:\WINDOWS\setupact.log
2015-11-08 22:48 - 2015-08-12 11:33 - 00000000 ____D C:\Users\Tower\AppData\Roaming\vlc
2015-11-08 22:01 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower
2015-11-07 00:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 18:02 - 2015-10-08 00:16 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET
2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive
2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net
2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-27 14:33 - 2015-10-11 12:37 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log
2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games
2015-10-16 11:44 - 2015-10-10 23:29 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da
2015-10-13 22:23 - 2015-10-07 19:21 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent
2015-10-13 15:29 - 2015-10-07 19:23 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll
2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Tower\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-08 22:34

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Tower (2015-11-11 17:55:09)
Gestartet von C:\Users\Tower\Desktop
Windows 10 Home (X64) (2015-08-12 10:25:38)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled)
Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled)
Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd) Divinity: Original Sin (HKLM-x32\...\Steam App 
230230) (Version: - Larian Studios)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version: - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Reloaded Games)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version: - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version: - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version: - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Teeworlds (HKLM-x32\...\Steam App 380840) (Version: - Teeworlds Team)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version: - )
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version: - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================
27-10-2015 14:53:02 Installiert Brother Software Suite
04-11-2015 14:25:03 JRT Pre-Junkware Removal
11-11-2015 13:18:54 Windows Update

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-11-04 14:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2D8ECE30-32ED-4F8E-9638-C64275D53012} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-11-11 14:03 - 2015-11-11 14:04 - 01875968 _____ () C:\Users\Tower\Desktop\ZHPCleaner.exe
2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-08-12 11:20 - 2015-11-11 13:58 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-07-28 16:11 - 2015-10-05 17:18 - 00778752 _____ () D:\Programme\Steam\SDL2.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll
2015-07-28 16:11 - 2015-11-10 03:44 - 02541648 _____ () D:\Programme\Steam\video.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll
2015-07-28 16:11 - 2015-11-10 03:44 - 00806992 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2015-07-28 16:11 - 2015-11-03 23:00 - 00201728 _____ () D:\Programme\Steam\bin\openvr_api.dll
2015-07-28 16:11 - 2015-10-08 23:20 - 45010208 _____ () D:\Programme\Steam\bin\libcef.dll
2015-07-28 16:11 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) 
D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe FirewallRules: 
[{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) 
C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops 
III Beta\BlackOps3.exe FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => 
(Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe 
FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe FirewallRules: [{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program 
files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe FirewallRules: 
[{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe FirewallRules: [{AEBD6FD7-156D-4F0E-9C9F-E01A8E5FE337}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{85EFCEED-92F1-468D-A63B-4B9283AC50D7}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/11/2015 03:27:51 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest. Error: (11/11/2015 02:16:23 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest. 
Error: (11/11/2015 02:16:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest. Error: (11/11/2015 02:16:18 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest. 
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest. Error: (11/11/2015 02:05:08 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm ZHPCleaner.exe, Version 2015.11.11.376 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1dc0 Startzeit: 01d11c8170b6aefe Beendigungszeit: 4294967295 Anwendungspfad: C:\Users\Tower\Desktop\ZHPCleaner.exe Berichts-ID: d33e7483-8874-11e5-82a9-1c872c435803 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister 4 Tower-PC.local. Addr 192.168.0.10 Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353 16 Tower-PC.local. AAAA 2A02:810D:29BF:ED58:0000:0000:0000:0002 Error: (11/11/2015 01:18:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (11/11/2015 01:08:52 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead Systemfehler: ============= Error: (11/11/2015 03:07:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/11/2015 03:07:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (11/11/2015 02:59:22 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BEKKI-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{248C2F9A-A959-44E0-89C4-FB5FEECE3233}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (11/11/2015 02:18:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/11/2015 02:18:23 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys Error: (11/11/2015 02:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/11/2015 02:18:22 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys Error: (11/11/2015 02:18:22 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys Error: (11/11/2015 02:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (11/11/2015 02:17:00 PM) (Source: Service 
Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 CodeIntegrity: =================================== Date: 2015-11-11 15:13:56.617 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 15:13:56.608 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 15:13:41.416 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 15:13:41.407 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 14:54:58.473 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-11-11 14:29:14.065 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 14:29:14.054 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 14:28:59.290 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 14:28:59.278 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-11 14:05:04.609 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16326.53 MB
Verfügbarer physikalischer RAM: 11607.41 MB
Summe virtueller Speicher: 18758.53 MB
Verfügbarer virtueller Speicher: 12073.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.1 GB) (Free:54.1 GB) NTFS
Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1041.73 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS
Drive f: (GUARDIANS_OF_THE_GALAXY) (CDROM) (Total:43.6 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
11.11.2015, 17:58 | #15 |
| Virus name: "searchinterneat-a.akamaihd". Opens browser windows on its own
Code:
ATTFilter Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:05-11-2015 durchgeführt von Tower (2015-11-11 17:55:41) Gestartet von C:\Users\Tower\Desktop Start-Modus: Normal ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Tower\Documents () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Tower\Downloads () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Tower\Music () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Tower\Pictures () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Tower\Videos () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Tower () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems, Incorporated) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐\卸载网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\UnInstall.exe (网易公司) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐\网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Was ist neu.lnk -> C:\Program Files (x86)\Winamp\whatsnew.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp deinstallieren.lnk -> C:\Program Files (x86)\Winamp\UninstWA.exe (Nullsoft, Inc.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Kundendienst.lnk -> D:\Games\Titanfall\Support\EA Help\Kundendienst.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall Endbenutzer-Lizenzvertrag.lnk -> D:\Games\Titanfall\Support\eula\de_DE_eula.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall.lnk -> D:\Games\Titanfall\Titanfall.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Liesmich.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme_deu.htm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2 entfernen.lnk -> D:\Program Files (x86)\Total War - SHOGUN 2\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2.lnk -> D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe (The Creative Assembly Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Manager.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Player.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Multimedia player.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Samsung PC Studio 3.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (Keine Datei) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten entfernen.lnk -> C:\Program Files (x86)\PDFBearbeiten\unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten.lnk -> C:\Program Files (x86)\PDFBearbeiten\splash.exe (hxxp://www.PDFBearbeiten.net) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Creator.lnk -> C:\Program Files (x86)\PDF24\pdf24-Creator.exe (Geek Software GmbH) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Fax.lnk -> C:\Program Files (x86)\PDF24\pdf24-Fax.exe () Shortcut: 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> D:\Games\Minecraft\MinecraftLauncher.exe (Mojang) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> 
C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.) 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16 Endbenutzer-Lizenzvertrag.lnk -> C:\BF4\FIFA 16\Support\eula\de_DE_eula.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16.lnk -> C:\BF4\FIFA 16\fifa16.exe (Electronic Arts) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Kundendienst.lnk -> C:\BF4\FIFA 16\Support\EA Help\Kundendienst.rtf () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Readme.lnk -> C:\BF4\FIFA 16\Support\readme\readme.de.txt () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe (Disc Soft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe (Disc Soft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CodeBlocks.lnk -> C:\Program Files (x86)\CodeBlocks\codeblocks.exe (Code::Blocks Team) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe (Cheat Engine) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe (Cheat Engine) Shortcut: C:\ProgramData\Microsoft\Windows\Start 
==================== Ende von Shortcut.txt =============================
Edited by Redgrieve (11.11.2015 at 18:06)