Virusname: "searchinterneat-a.akamaihd". Öffnet selbstständig Browser-Fenster

Redgrieve · 02.11.2015, 19:11

Guten Abend Trojaner-Board Community

Und zwar habe ich mir einen Plagegeist eingefangen der wohl unter den Namen
"searchinterneat-a.akamaihd" im Netz bekannt zu sein scheint.

Ich habe mehrere Anleitung im Netz durchgelesen und hier auch die Suchfunktion genutzt.
Aber ich habe kein Programm welches unseriös wirken würde installiert, welches ich nun deinstallieren könnte.

Desweiteren habe ich alle Chrome Extentions gelöscht und einen neuen Nutzer angelegt. Avira und Malwarebytes konnten den Frechdachs auch nicht aufspüren.

Der Virus äußert sich wie folgt:
IMMER wenn ich einen neuen Tab öffne, kommt eine Yahoo-Startseite.
Desöfteren erscheint diese auch wenn ich bspw. Google oder andere Websites eingebe.

Wenn ich in Google einen Suchbegriff eingebe, werde ich einfach auf diese Yahoo-Site verwiesen.

Im Anschluss folgt der Malware-Bytes Log,

Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 02.11.2015
Suchlaufzeit: 18:17
Protokolldatei: malware bytes.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2015.11.02.04
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Tower
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381664
Abgelaufene Zeit: 4 Min., 41 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Dateien: 1
PUP.Optional.Yontoo, C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\extensions\{811c6c06-2e47-4388-b9e3-03f23e3139de}.xpi, , [75c780f99deecb6ba2b1eadf05fe4eb2],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Avira findet gar nichts.

Danke und grüße,
Red

M-K-D-B · 02.11.2015, 19:14

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Redgrieve · 02.11.2015, 19:33

Dankesehr. Hoffe ich habe es richtig gemacht.

FRST:

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Tower (Administrator) auf TOWER-PC (02-11-2015 19:19:16)
Gestartet von C:\Users\Tower\Downloads
Geladene Profile: Tower &  (Verfügbare Profile: Tower)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programme\Steam\Steam.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" 
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA18DB0VXfV9eFElXTwhxJUpNDU0CaUBB
FF SelectedSearchEngine: Default
FF DefaultSearchEngine: Default
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\user.js [2015-11-01]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert]
FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert]

Chrome: 
=======
CHR NewTab: Profile 1 -> "chrome-extension://khjilmcjipkeokomeekfnhkpbnhmgaje/html/newtab.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Avira
CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-02]
CHR Extension: (Google Docs) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-02]
CHR Extension: (Google Drive) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-02]
CHR Extension: (Google Search) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Sheets) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-02]
CHR Extension: (Google Docs Offline) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-02]
CHR Extension: (Avira SafeSearch) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-02]
CHR Extension: (Gmail) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-02]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:19 - 2015-11-02 19:19 - 00026211 _____ C:\Users\Tower\Downloads\FRST.txt
2015-11-02 19:19 - 2015-11-02 19:19 - 00000000 ____D C:\FRST
2015-11-02 19:18 - 2015-11-02 19:19 - 02198016 _____ (Farbar) C:\Users\Tower\Downloads\FRST64.exe
2015-11-02 19:04 - 2015-11-02 19:04 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin
2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt
2015-11-02 15:24 - 2015-11-02 15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira
2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe
2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk
2015-11-02 14:05 - 2015-11-02 18:17 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-11-01 21:33 - 2015-11-02 15:00 - 00000000 ____D C:\ProgramData\Results Hub
2015-11-01 21:33 - 2015-11-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Results Hub
2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt
2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe
2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso
2015-10-30 13:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:57 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:57 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:57 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:57 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:57 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:57 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:57 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:57 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:57 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:57 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:57 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:57 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:57 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:57 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:57 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:57 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:57 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:57 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:57 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:57 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:57 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:57 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:57 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:57 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:57 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:57 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:57 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:57 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:57 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:57 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:57 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini
2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02
2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother
2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp
2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe
2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner
2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip
2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED
2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent
2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0
2015-10-11 13:24 - 2015-10-11 13:24 - 00001072 _____ C:\Users\Tower\Desktop\DUC (2).lnk
2015-10-11 12:38 - 2015-11-02 18:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi
2015-10-11 12:37 - 2015-10-27 14:33 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-11 12:37 - 2015-10-11 12:37 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383(1).msi
2015-10-11 12:19 - 2015-10-11 13:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-10-11 12:19 - 2015-10-11 12:19 - 00241720 _____ C:\Users\Tower\Downloads\DUCSetup_v4_1_1.exe
2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Users\Tower\AppData\Local\Vitalwerks
2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-10-11 12:03 - 2015-10-11 12:04 - 00000000 ____D C:\Users\Tower\Downloads\sd
2015-10-10 23:29 - 2015-10-16 11:44 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da
2015-10-10 23:29 - 2015-10-10 23:30 - 00000000 ____D C:\Users\Tower\Downloads\Neuer Ordner
2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn
2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\ProgramData\LogMeIn
2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383.msi
2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383 (1).msi
2015-10-10 15:38 - 2015-10-10 15:39 - 00000185 _____ C:\Users\Tower\Downloads\eula.txt
2015-10-10 15:38 - 2015-10-10 15:38 - 00000062 _____ C:\Users\Tower\Downloads\server.properties
2015-10-10 15:28 - 2015-10-10 15:38 - 08718628 _____ C:\Users\Tower\Downloads\minecraft_server.1.8.8.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 30984104 _____ (Oracle Corporation) C:\Users\Tower\Downloads\jre-7u60-windows-x64.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-10 14:45 - 2015-10-10 14:45 - 00000702 _____ C:\Users\Public\Desktop\Titanfall.lnk
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Sun
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Program Files\Java
2015-10-10 13:38 - 2015-10-11 12:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\.minecraft
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\java
2015-10-10 13:37 - 2015-10-10 13:37 - 02314240 _____ C:\Users\Tower\Downloads\MinecraftInstaller.msi
2015-10-10 13:37 - 2015-10-10 13:37 - 00000728 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-10-10 13:37 - 2015-10-10 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-09 20:14 - 2015-10-09 20:14 - 00000000 ____D C:\Users\Tower\Documents\Rockstar Games
2015-10-09 20:13 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-09 20:12 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\MSBuild
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-09 20:11 - 2015-06-17 17:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-09 20:11 - 2015-06-17 17:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 20:11 - 2015-06-17 17:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-09 20:11 - 2015-05-29 20:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-09 20:11 - 2015-05-29 20:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 20:11 - 2015-05-29 20:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-08 14:29 - 2015-10-08 14:30 - 00000000 ____D C:\Users\Tower\Documents\STAR WARS Battlefront Beta
2015-10-08 02:51 - 2015-10-08 03:06 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Teeworlds
2015-10-08 02:40 - 2015-10-08 02:41 - 39968152 _____ (Activision ) C:\Users\Tower\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe
2015-10-08 02:40 - 2015-10-08 02:40 - 296330688 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.6-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:41 - 72328877 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:41 - 14544960 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.3-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 14532064 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.2-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 11167560 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-1.5mp-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 11149280 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.1-patchsetup.exe
2015-10-08 00:16 - 2015-11-02 18:02 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET
2015-10-08 00:07 - 2015-10-08 00:07 - 00000823 _____ C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk
2015-10-08 00:07 - 2015-10-08 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-10-07 23:50 - 2015-10-07 23:50 - 00000000 ____D C:\Users\Tower\AppData\Local\Disc_Soft_Ltd
2015-10-07 23:44 - 2015-03-13 17:52 - 00015159 _____ C:\Users\Tower\Desktop\prophet.nfo
2015-10-07 23:43 - 2015-10-07 23:43 - 00000000 ____D C:\ProgramData\Steam
2015-10-07 21:43 - 2015-10-07 21:44 - 00000000 ____D C:\Users\Tower\AppData\Roaming\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-10-07 21:43 - 2015-10-07 21:43 - 00001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller.exe
2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller (1).exe
2015-10-07 20:09 - 2015-10-07 20:24 - 00000000 ____D C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET
2015-10-07 20:08 - 2015-10-07 20:08 - 00044495 _____ C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET-[rarbg.com].torrent
2015-10-07 19:54 - 2015-10-07 19:55 - 00008431 _____ C:\Users\Tower\Downloads\mpdata
2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2015-10-07 19:47 - 2015-10-07 19:47 - 00000331 _____ C:\WINDOWS\game.ini
2015-10-07 19:47 - 2015-10-07 19:47 - 00000175 _____ C:\WINDOWS\DXError.log
2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-10-07 19:46 - 2015-10-07 19:46 - 00000000 ____D C:\Program Files (x86)\Activision
2015-10-07 19:23 - 2015-10-13 15:29 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent
2015-10-07 19:23 - 2015-10-07 19:37 - 00000000 ____D C:\Users\Tower\Downloads\cod torrentti
2015-10-07 19:23 - 2015-10-07 19:23 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen (1).torrent
2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\Desktop\µTorrent.lnk
2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-07 19:21 - 2015-10-13 22:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent
2015-10-07 19:21 - 2015-10-07 19:21 - 01822048 _____ (BitTorrent Inc.) C:\Users\Tower\Downloads\uTorrent.exe
2015-10-07 19:20 - 2015-10-07 19:20 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen.torrent
2015-10-06 17:55 - 2015-10-08 22:33 - 00002270 _____ C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk
2015-10-03 12:58 - 2015-10-03 13:02 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Daybreak Game Company
2015-10-03 12:58 - 2015-10-03 12:58 - 00000000 ____D C:\Users\Tower\AppData\Local\SCE
2015-10-03 12:58 - 2015-10-03 12:58 - 00000000 ____D C:\Users\Tower\AppData\Local\Daybreak Game Company

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 19:06 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 19:05 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 18:09 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-02 18:09 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-02 18:09 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-02 18:06 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-02 18:06 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe
2015-11-02 18:06 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-02 18:06 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 18:03 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-02 18:03 - 2015-08-12 11:19 - 00192850 _____ C:\WINDOWS\PFRO.log
2015-11-02 18:03 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 18:03 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 17:41 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-02 16:47 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0}
2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-01 19:26 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3
2015-11-01 17:17 - 2015-08-24 19:09 - 00011217 _____ C:\WINDOWS\setupact.log
2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive
2015-11-01 16:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 15:33 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client
2015-10-30 14:03 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net
2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-25 22:39 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower
2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log
2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games
2015-10-16 11:55 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:45 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 15:43 - 2015-08-12 08:21 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-10 19:04 - 2015-08-16 14:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-10-10 19:04 - 2015-08-16 14:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-10-10 14:09 - 2015-08-29 15:08 - 00000000 ____D C:\BF4
2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-08 11:50 - 2015-08-12 11:36 - 00000000 ____D C:\Users\Tower\AppData\Local\Steam
2015-10-08 01:32 - 2015-08-12 07:57 - 00000000 ____D C:\Users\Tower\AppData\Local\VirtualStore
2015-10-07 19:57 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\sounds
2015-10-06 20:16 - 2015-09-04 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\OBS
2015-10-06 17:31 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\lib
2015-10-04 20:54 - 2015-08-19 15:40 - 00000000 ____D C:\Users\Tower\AppData\Roaming\CodeBlocks
2015-10-03 20:13 - 2015-08-25 14:15 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-10-03 12:04 - 2015-09-24 10:23 - 00000718 _____ C:\Users\Public\Desktop\FIFA 16.lnk
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-03 10:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\L2Schemas

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll
2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Tower\AppData\Local\Temp\avgnt.exe
C:\Users\Tower\AppData\Local\Temp\bitool.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-1231831953736236263.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-2147131273227054406.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3088701552036717022.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3886152149526835255.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-5515511938404337857.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-7782766279733068079.dll
C:\Users\Tower\AppData\Local\Temp\msvcp90.dll
C:\Users\Tower\AppData\Local\Temp\msvcr90.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI64.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-28 17:50

==================== Ende von FRST.txt ============================

--- --- ---

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Tower (2015-11-02 19:19:32)
Gestartet von C:\Users\Tower\Downloads
Windows 10 Home (X64) (2015-08-12 10:25:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled)
Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled)
Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Reloaded Games)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version:  - hxxp://www.PDFBearbeiten.net)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Teeworlds (HKLM-x32\...\Steam App 380840) (Version:  - Teeworlds Team)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version:  - )
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

14-10-2015 15:43:23 Windows Update
20-10-2015 15:45:51 Windows Update
24-10-2015 02:41:09 DirectX wurde installiert
27-10-2015 14:53:02 Installiert Brother Software Suite

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5318F88C-6368-4F60-8D2B-12C3F2D0F415} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 28860744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll
2015-08-12 11:20 - 2015-11-02 18:03 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-07-28 16:11 - 2015-10-05 17:18 - 00778752 _____ () D:\Programme\Steam\SDL2.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll
2015-07-28 16:11 - 2015-10-14 21:56 - 02423376 _____ () D:\Programme\Steam\video.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll
2015-07-28 16:11 - 2015-10-14 21:56 - 00705104 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2015-07-28 16:11 - 2015-10-09 19:13 - 00193024 _____ () D:\Programme\Steam\bin\openvr_api.dll
2015-07-28 16:11 - 2015-10-08 23:20 - 45010208 _____ () D:\Programme\Steam\bin\libcef.dll
2015-07-28 16:11 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\battlefield.com -> hxxps://www.battlefield.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{8B9E0380-799D-4102-A481-C34A283A2584}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B7631C0D-93B7-44D9-ACA3-5D5F47FEA85E}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 04:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00043612
ID des fehlerhaften Prozesses: 0x17e0
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/01/2015 11:43:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 11:17:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 06:09:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18
Name des fehlerhaften Moduls: debug-console-enabler.dll, Version: 0.0.0.0, Zeitstempel: 0x55ced693
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000410f
ID des fehlerhaften Prozesses: 0x23c8
Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0
Pfad der fehlerhaften Anwendung: witcher3.exe1
Pfad des fehlerhaften Moduls: witcher3.exe2
Berichtskennung: witcher3.exe3
Vollständiger Name des fehlerhaften Pakets: witcher3.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: witcher3.exe5

Error: (11/01/2015 06:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18
Name des fehlerhaften Moduls: debug-console-enabler.dll, Version: 0.0.0.0, Zeitstempel: 0x55ced693
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000000410f
ID des fehlerhaften Prozesses: 0x23e4
Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0
Pfad der fehlerhaften Anwendung: witcher3.exe1
Pfad des fehlerhaften Moduls: witcher3.exe2
Berichtskennung: witcher3.exe3
Vollständiger Name des fehlerhaften Pakets: witcher3.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: witcher3.exe5

Error: (11/01/2015 05:23:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 242c

Startzeit: 01d114c1892da7e9

Beendigungszeit: 2

Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe

Berichts-ID: e84b88f9-80b4-11e5-829a-1c872c435803

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 05:22:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2768

Startzeit: 01d114c1651ea9c5

Beendigungszeit: 13

Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe

Berichts-ID: bdb677ee-80b4-11e5-829a-1c872c435803

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 05:21:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 12ec

Startzeit: 01d114c153bb6134

Beendigungszeit: 2

Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe

Berichts-ID: 9fa6baf1-80b4-11e5-829a-1c872c435803

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 05:21:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiLi USB Creator.exe, Version 2.9.88.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23c4

Startzeit: 01d114c1411ee2f7

Beendigungszeit: 3

Anwendungspfad: C:\Program Files (x86)\LinuxLive USB Creator\LiLi USB Creator.exe

Berichts-ID: 8b5051f7-80b4-11e5-829a-1c872c435803

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/01/2015 04:26:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead


Systemfehler:
=============
Error: (11/02/2015 06:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (11/02/2015 06:09:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2015-11-01 21:33:39.326
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 21:33:39.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 18:41:14.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 18:41:14.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 17:24:20.935
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 17:24:20.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 16:37:41.302
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-29 19:26:56.311
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-28 17:50:46.255
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-26 18:56:55.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16326.53 MB
Verfügbarer physikalischer RAM: 11701.77 MB
Summe virtueller Speicher: 18758.53 MB
Verfügbarer virtueller Speicher: 12654.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.1 GB) (Free:49.41 GB) NTFS
Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1064.69 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Redgrieve · 02.11.2015, 19:35

Code:

ATTFilter

19:27:17.0296 0x214c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:27:26.0486 0x214c  ============================================================
19:27:26.0486 0x214c  Current date / time: 2015/11/02 19:27:26.0486
19:27:26.0486 0x214c  SystemInfo:
19:27:26.0486 0x214c  
19:27:26.0486 0x214c  OS Version: 10.0.10240 ServicePack: 0.0
19:27:26.0486 0x214c  Product type: Workstation
19:27:26.0486 0x214c  ComputerName: TOWER-PC
19:27:26.0486 0x214c  UserName: Tower
19:27:26.0486 0x214c  Windows directory: C:\WINDOWS
19:27:26.0486 0x214c  System windows directory: C:\WINDOWS
19:27:26.0486 0x214c  Running under WOW64
19:27:26.0486 0x214c  Processor architecture: Intel x64
19:27:26.0486 0x214c  Number of processors: 8
19:27:26.0486 0x214c  Page size: 0x1000
19:27:26.0486 0x214c  Boot type: Normal boot
19:27:26.0486 0x214c  ============================================================
19:27:26.0603 0x214c  KLMD registered as C:\WINDOWS\system32\drivers\32704632.sys
19:27:26.0677 0x214c  System UUID: {FF421625-5855-4E20-BE13-03D8062D5163}
19:27:26.0893 0x214c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0893 0x214c  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0893 0x214c  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:27:26.0895 0x214c  ============================================================
19:27:26.0895 0x214c  \Device\Harddisk0\DR0:
19:27:26.0895 0x214c  MBR partitions:
19:27:26.0895 0x214c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:27:26.0895 0x214c  \Device\Harddisk1\DR1:
19:27:26.0895 0x214c  MBR partitions:
19:27:26.0895 0x214c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
19:27:26.0895 0x214c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1D034800
19:27:26.0895 0x214c  \Device\Harddisk2\DR2:
19:27:26.0895 0x214c  MBR partitions:
19:27:26.0895 0x214c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:27:26.0895 0x214c  ============================================================
19:27:26.0896 0x214c  C: <-> \Device\Harddisk1\DR1\Partition2
19:27:26.0902 0x214c  D: <-> \Device\Harddisk0\DR0\Partition1
19:27:27.0551 0x214c  E: <-> \Device\Harddisk2\DR2\Partition1
19:27:27.0551 0x214c  ============================================================
19:27:27.0551 0x214c  Initialize success
19:27:27.0551 0x214c  ============================================================
19:27:57.0391 0x2310  ============================================================
19:27:57.0391 0x2310  Scan started
19:27:57.0391 0x2310  Mode: Manual; SigCheck; TDLFS; 
19:27:57.0391 0x2310  ============================================================
19:27:57.0391 0x2310  KSN ping started
19:27:59.0747 0x2310  KSN ping finished: true
19:28:01.0388 0x2310  ================ Scan system memory ========================
19:28:01.0388 0x2310  System memory - ok
19:28:01.0389 0x2310  ================ Scan services =============================
19:28:01.0416 0x2310  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:28:01.0469 0x2310  1394ohci - ok
19:28:01.0476 0x2310  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:28:01.0484 0x2310  3ware - ok
19:28:01.0494 0x2310  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:28:01.0509 0x2310  ACPI - ok
19:28:01.0513 0x2310  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:28:01.0521 0x2310  acpiex - ok
19:28:01.0524 0x2310  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:28:01.0530 0x2310  acpipagr - ok
19:28:01.0533 0x2310  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:28:01.0539 0x2310  AcpiPmi - ok
19:28:01.0541 0x2310  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:28:01.0548 0x2310  acpitime - ok
19:28:01.0562 0x2310  [ 0F6A17DC2DA7CFF449C9293CB772DAD5, 74A88837F8BBD0B6A17E863FAC7B9DAA36968DAF0032EA349D0B39BC11531E91 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
19:28:01.0574 0x2310  AdobeUpdateService - ok
19:28:01.0593 0x2310  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:28:01.0615 0x2310  ADP80XX - ok
19:28:01.0626 0x2310  [ 6C12C7E01A4F64E0AA9C88AF66955CC9, 81A413702909341F8694823EC83FBA0089523D7EC927B80E55E0779BB83AD263 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:28:01.0640 0x2310  AFD - ok
19:28:01.0643 0x2310  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:28:01.0649 0x2310  agp440 - ok
19:28:01.0654 0x2310  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:28:01.0664 0x2310  ahcache - ok
19:28:01.0666 0x2310  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
19:28:01.0673 0x2310  AJRouter - ok
19:28:01.0676 0x2310  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
19:28:01.0685 0x2310  ALG - ok
19:28:01.0688 0x2310  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:28:01.0697 0x2310  AmdK8 - ok
19:28:01.0701 0x2310  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:28:01.0709 0x2310  AmdPPM - ok
19:28:01.0712 0x2310  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:28:01.0718 0x2310  amdsata - ok
19:28:01.0724 0x2310  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:28:01.0732 0x2310  amdsbs - ok
19:28:01.0735 0x2310  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:28:01.0741 0x2310  amdxata - ok
19:28:01.0758 0x2310  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
19:28:01.0777 0x2310  AntiVirMailService - ok
19:28:01.0785 0x2310  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
19:28:01.0794 0x2310  AntiVirSchedulerService - ok
19:28:01.0802 0x2310  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
19:28:01.0811 0x2310  AntiVirService - ok
19:28:01.0828 0x2310  [ D84E576299C73B0B1DC477D2B99958C4, D6703C2B63B9FA87C2DA009CC7B6DF76C3603C6A9874B152D685A1B92EE2DF28 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
19:28:01.0846 0x2310  AntiVirWebService - ok
19:28:01.0851 0x2310  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:28:01.0859 0x2310  AppID - ok
19:28:01.0861 0x2310  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:28:01.0871 0x2310  AppIDSvc - ok
19:28:01.0874 0x2310  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:28:01.0884 0x2310  Appinfo - ok
19:28:01.0889 0x2310  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:28:01.0893 0x2310  Apple Mobile Device Service - ok
19:28:01.0903 0x2310  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:28:01.0922 0x2310  AppReadiness - ok
19:28:01.0952 0x2310  [ 2E71E6B389976FD78609A1AB44F7EEB1, 24F7A6D7B4C3DFFE128AFE70F37FFA6258928DF7CCFF3AB2490A41F595529299 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:28:02.0005 0x2310  AppXSvc - ok
19:28:02.0012 0x2310  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:28:02.0019 0x2310  arcsas - ok
19:28:02.0034 0x2310  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
19:28:02.0050 0x2310  asComSvc - ok
19:28:02.0059 0x2310  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
19:28:02.0064 0x2310  AsIO - ok
19:28:02.0066 0x2310  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
19:28:02.0075 0x2310  AsyncMac - ok
19:28:02.0079 0x2310  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:28:02.0084 0x2310  atapi - ok
19:28:02.0090 0x2310  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:28:02.0103 0x2310  AudioEndpointBuilder - ok
19:28:02.0120 0x2310  [ 4C86961C71396D2BA39DAD9783437546, C36A428701D6C0E2FFDF0ECB8917FB6ED48E8014F7C3DD911387DE6E161D7EAD ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:28:02.0148 0x2310  Audiosrv - ok
19:28:02.0153 0x2310  [ AC82CC4F2A41E098EB34C0A9F8125DDC, CC416DD5FC8E14A1F99F8DF52D795CA6E16EDBF8FD7C9624B10BA83D9D954BF2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
19:28:02.0159 0x2310  avgntflt - ok
19:28:02.0165 0x2310  [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
19:28:02.0170 0x2310  avipbb - ok
19:28:02.0175 0x2310  [ 6C4B9A2FF6924405E9ABFB558049D4DD, 9AB314B9ECF41832589726556A93CEAAE2AE774B1738A46A027E833B73A72118 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
19:28:02.0182 0x2310  Avira.ServiceHost - ok
19:28:02.0185 0x2310  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
19:28:02.0188 0x2310  avkmgr - ok
19:28:02.0192 0x2310  [ 74179E7C103F3A44B33D7D982E21E35D, 7F2384B065EA9959734D65426781D901CDB0DA8DFCAD13BF05044DDF33CA5688 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
19:28:02.0197 0x2310  avnetflt - ok
19:28:02.0201 0x2310  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:28:02.0213 0x2310  AxInstSV - ok
19:28:02.0224 0x2310  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:28:02.0237 0x2310  b06bdrv - ok
19:28:02.0241 0x2310  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:28:02.0248 0x2310  BasicDisplay - ok
19:28:02.0251 0x2310  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:28:02.0259 0x2310  BasicRender - ok
19:28:02.0263 0x2310  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:28:02.0267 0x2310  bcmfn2 - ok
19:28:02.0273 0x2310  [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:28:02.0287 0x2310  BDESVC - ok
19:28:02.0290 0x2310  [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:28:02.0298 0x2310  Beep - ok
19:28:02.0311 0x2310  [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE             C:\WINDOWS\System32\bfe.dll
19:28:02.0333 0x2310  BFE - ok
19:28:02.0351 0x2310  [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS            C:\WINDOWS\System32\qmgr.dll
19:28:02.0381 0x2310  BITS - ok
19:28:02.0391 0x2310  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:28:02.0401 0x2310  Bonjour Service - ok
19:28:02.0404 0x2310  [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:28:02.0413 0x2310  bowser - ok
19:28:02.0424 0x2310  [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:28:02.0440 0x2310  BrokerInfrastructure - ok
19:28:02.0445 0x2310  [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser         C:\WINDOWS\System32\browser.dll
19:28:02.0453 0x2310  Browser - ok
19:28:02.0459 0x2310  [ 065818B8A2CD7F08D6DC8C598191548C, 08982EB22484ECCA1A7FD0C6A10E6D0BB09F624CEBC397C9B241C2D75C984C70 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
19:28:02.0466 0x2310  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
19:28:04.0806 0x2310  Detect skipped due to KSN trusted
19:28:04.0807 0x2310  BrYNSvc - ok
19:28:04.0820 0x2310  [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:28:04.0855 0x2310  BthAvrcpTg - ok
19:28:04.0859 0x2310  [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:28:04.0873 0x2310  BthHFEnum - ok
19:28:04.0878 0x2310  [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:28:04.0888 0x2310  bthhfhid - ok
19:28:04.0894 0x2310  [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
19:28:04.0908 0x2310  BthHFSrv - ok
19:28:04.0911 0x2310  [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:28:04.0919 0x2310  BTHMODEM - ok
19:28:04.0923 0x2310  [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:28:04.0931 0x2310  bthserv - ok
19:28:04.0933 0x2310  [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:28:04.0941 0x2310  buttonconverter - ok
19:28:04.0945 0x2310  [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
19:28:04.0954 0x2310  CapImg - ok
19:28:04.0957 0x2310  [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:28:04.0965 0x2310  cdfs - ok
19:28:04.0969 0x2310  [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
19:28:04.0979 0x2310  CDPSvc - ok
19:28:04.0984 0x2310  [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:28:04.0993 0x2310  cdrom - ok
19:28:04.0998 0x2310  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:28:05.0010 0x2310  CertPropSvc - ok
19:28:05.0013 0x2310  [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:28:05.0020 0x2310  circlass - ok
19:28:05.0027 0x2310  [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:28:05.0037 0x2310  CLFS - ok
19:28:05.0048 0x2310  [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
19:28:05.0064 0x2310  ClipSVC - ok
19:28:05.0070 0x2310  [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:28:05.0077 0x2310  CmBatt - ok
19:28:05.0087 0x2310  [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:28:05.0101 0x2310  CNG - ok
19:28:05.0104 0x2310  [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:28:05.0110 0x2310  cnghwassist - ok
19:28:05.0118 0x2310  [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
19:28:05.0125 0x2310  CompositeBus - ok
19:28:05.0128 0x2310  COMSysApp - ok
19:28:05.0130 0x2310  [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:28:05.0137 0x2310  condrv - ok
19:28:05.0149 0x2310  [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:28:05.0168 0x2310  CoreMessagingRegistrar - ok
19:28:05.0172 0x2310  [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:28:05.0181 0x2310  CryptSvc - ok
19:28:05.0184 0x2310  [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:28:05.0190 0x2310  dam - ok
19:28:05.0204 0x2310  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:28:05.0230 0x2310  DcomLaunch - ok
19:28:05.0235 0x2310  [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
19:28:05.0248 0x2310  DcpSvc - ok
19:28:05.0256 0x2310  [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:28:05.0275 0x2310  defragsvc - ok
19:28:05.0283 0x2310  [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:28:05.0300 0x2310  DeviceAssociationService - ok
19:28:05.0303 0x2310  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:28:05.0315 0x2310  DeviceInstall - ok
19:28:05.0318 0x2310  [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
19:28:05.0324 0x2310  DevQueryBroker - ok
19:28:05.0329 0x2310  [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:28:05.0338 0x2310  Dfsc - ok
19:28:05.0341 0x2310  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
19:28:05.0346 0x2310  dg_ssudbus - ok
19:28:05.0352 0x2310  [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:28:05.0365 0x2310  Dhcp - ok
19:28:05.0368 0x2310  [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:28:05.0375 0x2310  diagnosticshub.standardcollector.service - ok
19:28:05.0399 0x2310  [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
19:28:05.0429 0x2310  DiagTrack - ok
19:28:05.0449 0x2310  [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
19:28:05.0470 0x2310  Disc Soft Lite Bus Service - ok
19:28:05.0474 0x2310  [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:28:05.0481 0x2310  disk - ok
19:28:05.0487 0x2310  [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:28:05.0499 0x2310  DmEnrollmentSvc - ok
19:28:05.0502 0x2310  [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:28:05.0509 0x2310  dmvsc - ok
19:28:05.0513 0x2310  [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:28:05.0522 0x2310  dmwappushservice - ok
19:28:05.0528 0x2310  [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:28:05.0540 0x2310  Dnscache - ok
19:28:05.0546 0x2310  [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:28:05.0559 0x2310  dot3svc - ok
19:28:05.0564 0x2310  [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS             C:\WINDOWS\system32\dps.dll
19:28:05.0573 0x2310  DPS - ok
19:28:05.0575 0x2310  [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:28:05.0581 0x2310  drmkaud - ok
19:28:05.0586 0x2310  [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:28:05.0597 0x2310  DsmSvc - ok
19:28:05.0601 0x2310  [ EA354224BAD970CF0F438E6567F26A49, 900F2454F085BC6D2C2149A96452F3375111C601C4464066B6DA1DD7B795021A ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
19:28:05.0610 0x2310  DsSvc - ok
19:28:05.0612 0x2310  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
19:28:05.0616 0x2310  dtlitescsibus - ok
19:28:05.0622 0x2310  [ E2CA2BC3B16BDA6E6F80F54C88486877, CBD455286ACA247363BFEDC9745CBFB251FE632101AF6D1128CB2F99AD31238E ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
19:28:05.0629 0x2310  dtsoftbus01 - ok
19:28:05.0656 0x2310  [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:28:05.0691 0x2310  DXGKrnl - ok
19:28:05.0702 0x2310  [ C413D1219AFF3005E1318CC8EA38DB4F, 2DBED36CA9B9BCC443C0D8FD41BAED5FFD38F5531FF9BE5B7A9DAD22087C5707 ] e1iexpress      C:\WINDOWS\System32\drivers\e1i63x64.sys
19:28:05.0728 0x2310  e1iexpress - ok
19:28:05.0731 0x2310  [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:28:05.0746 0x2310  Eaphost - ok
19:28:05.0790 0x2310  [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:28:05.0847 0x2310  ebdrv - ok
19:28:05.0852 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS             C:\WINDOWS\System32\lsass.exe
19:28:05.0859 0x2310  EFS - ok
19:28:05.0862 0x2310  [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:28:05.0869 0x2310  EhStorClass - ok
19:28:05.0873 0x2310  [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:28:05.0880 0x2310  EhStorTcgDrv - ok
19:28:05.0883 0x2310  [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
19:28:05.0891 0x2310  embeddedmode - ok
19:28:05.0898 0x2310  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:28:05.0909 0x2310  EntAppSvc - ok
19:28:05.0912 0x2310  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:28:05.0918 0x2310  ErrDev - ok
19:28:05.0928 0x2310  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
19:28:05.0944 0x2310  EventSystem - ok
19:28:05.0950 0x2310  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:28:05.0963 0x2310  exfat - ok
19:28:05.0969 0x2310  [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:28:05.0980 0x2310  fastfat - ok
19:28:05.0991 0x2310  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:28:06.0010 0x2310  Fax - ok
19:28:06.0013 0x2310  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
19:28:06.0021 0x2310  fcvsc - ok
19:28:06.0023 0x2310  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:28:06.0030 0x2310  fdc - ok
19:28:06.0033 0x2310  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:28:06.0042 0x2310  fdPHost - ok
19:28:06.0046 0x2310  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:28:06.0055 0x2310  FDResPub - ok
19:28:06.0059 0x2310  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:28:06.0070 0x2310  fhsvc - ok
19:28:06.0073 0x2310  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
19:28:06.0081 0x2310  FileCrypt - ok
19:28:06.0084 0x2310  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:28:06.0090 0x2310  FileInfo - ok
19:28:06.0093 0x2310  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:28:06.0102 0x2310  Filetrace - ok
19:28:06.0104 0x2310  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:28:06.0112 0x2310  flpydisk - ok
19:28:06.0118 0x2310  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:28:06.0129 0x2310  FltMgr - ok
19:28:06.0153 0x2310  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:28:06.0193 0x2310  FontCache - ok
19:28:06.0197 0x2310  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:28:06.0203 0x2310  FontCache3.0.0.0 - ok
19:28:06.0206 0x2310  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:28:06.0213 0x2310  FsDepends - ok
19:28:06.0215 0x2310  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:28:06.0221 0x2310  Fs_Rec - ok
19:28:06.0232 0x2310  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:28:06.0246 0x2310  fvevol - ok
19:28:06.0250 0x2310  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:28:06.0256 0x2310  gagp30kx - ok
19:28:06.0258 0x2310  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:28:06.0265 0x2310  gencounter - ok
19:28:06.0267 0x2310  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
19:28:06.0274 0x2310  genericusbfn - ok
19:28:06.0291 0x2310  [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:28:06.0310 0x2310  GfExperienceService - ok
19:28:06.0315 0x2310  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:28:06.0323 0x2310  GPIOClx0101 - ok
19:28:06.0342 0x2310  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:28:06.0376 0x2310  gpsvc - ok
19:28:06.0379 0x2310  [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:28:06.0388 0x2310  GpuEnergyDrv - ok
19:28:06.0392 0x2310  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:28:06.0397 0x2310  gupdate - ok
19:28:06.0400 0x2310  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:28:06.0405 0x2310  gupdatem - ok
19:28:06.0407 0x2310  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
19:28:06.0414 0x2310  Hamachi - ok
19:28:06.0447 0x2310  [ 467E489AB87260D6035F9F4C8F28D15A, 4079195CA7F91332F63B050E1D66378DC5C796977024B4EF6B2CFD3227F0E49C ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:28:06.0482 0x2310  Hamachi2Svc - ok
19:28:06.0487 0x2310  [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:28:06.0495 0x2310  HDAudBus - ok
19:28:06.0498 0x2310  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:28:06.0504 0x2310  HidBatt - ok
19:28:06.0508 0x2310  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:28:06.0516 0x2310  HidBth - ok
19:28:06.0519 0x2310  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:28:06.0526 0x2310  hidi2c - ok
19:28:06.0529 0x2310  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:28:06.0535 0x2310  hidinterrupt - ok
19:28:06.0537 0x2310  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:28:06.0545 0x2310  HidIr - ok
19:28:06.0547 0x2310  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:28:06.0555 0x2310  hidserv - ok
19:28:06.0558 0x2310  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:28:06.0565 0x2310  HidUsb - ok
19:28:06.0571 0x2310  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:28:06.0583 0x2310  HomeGroupListener - ok
19:28:06.0591 0x2310  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:28:06.0608 0x2310  HomeGroupProvider - ok
19:28:06.0611 0x2310  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:28:06.0617 0x2310  HpSAMD - ok
19:28:06.0632 0x2310  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:28:06.0653 0x2310  HTTP - ok
19:28:06.0657 0x2310  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:28:06.0662 0x2310  hwpolicy - ok
19:28:06.0664 0x2310  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:28:06.0671 0x2310  hyperkbd - ok
19:28:06.0673 0x2310  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:28:06.0680 0x2310  HyperVideo - ok
19:28:06.0683 0x2310  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:28:06.0692 0x2310  i8042prt - ok
19:28:06.0695 0x2310  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:28:06.0700 0x2310  iaLPSSi_GPIO - ok
19:28:06.0703 0x2310  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:28:06.0708 0x2310  iaLPSSi_I2C - ok
19:28:06.0720 0x2310  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:28:06.0735 0x2310  iaStorAV - ok
19:28:06.0743 0x2310  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:28:06.0754 0x2310  iaStorV - ok
19:28:06.0762 0x2310  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
19:28:06.0774 0x2310  ibbus - ok
19:28:06.0778 0x2310  [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
19:28:06.0789 0x2310  icssvc - ok
19:28:06.0791 0x2310  IEEtwCollectorService - ok
19:28:06.0805 0x2310  [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:28:06.0830 0x2310  IKEEXT - ok
19:28:06.0888 0x2310  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:28:06.0948 0x2310  IntcAzAudAddService - ok
19:28:06.0957 0x2310  [ E42505363945956ECB5D38A4EB21CB39, C6A46A7621721EB1EA46E5F7D2E560D8022A97241F0792814015F803D96A2C92 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:28:06.0965 0x2310  Intel(R) PROSet Monitoring Service - ok
19:28:06.0968 0x2310  [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:28:06.0974 0x2310  intelide - ok
19:28:06.0976 0x2310  [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:28:06.0983 0x2310  intelpep - ok
19:28:06.0988 0x2310  [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:28:06.0997 0x2310  intelppm - ok
19:28:07.0001 0x2310  [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
19:28:07.0007 0x2310  IoQos - ok
19:28:07.0010 0x2310  [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:28:07.0020 0x2310  IpFilterDriver - ok
19:28:07.0036 0x2310  [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:28:07.0064 0x2310  iphlpsvc - ok
19:28:07.0069 0x2310  [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:28:07.0077 0x2310  IPMIDRV - ok
19:28:07.0082 0x2310  [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:28:07.0091 0x2310  IPNAT - ok
19:28:07.0102 0x2310  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:28:07.0113 0x2310  iPod Service - ok
19:28:07.0117 0x2310  [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:28:07.0126 0x2310  IRENUM - ok
19:28:07.0129 0x2310  [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:28:07.0136 0x2310  isapnp - ok
19:28:07.0142 0x2310  [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:28:07.0152 0x2310  iScsiPrt - ok
19:28:07.0155 0x2310  [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:28:07.0161 0x2310  kbdclass - ok
19:28:07.0164 0x2310  [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:28:07.0173 0x2310  kbdhid - ok
19:28:07.0175 0x2310  [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
19:28:07.0183 0x2310  kdnic - ok
19:28:07.0186 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:28:07.0193 0x2310  KeyIso - ok
19:28:07.0197 0x2310  [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:28:07.0205 0x2310  KSecDD - ok
19:28:07.0209 0x2310  [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:28:07.0219 0x2310  KSecPkg - ok
19:28:07.0222 0x2310  [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:28:07.0229 0x2310  ksthunk - ok
19:28:07.0237 0x2310  [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:28:07.0253 0x2310  KtmRm - ok
19:28:07.0259 0x2310  [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:28:07.0273 0x2310  LanmanServer - ok
19:28:07.0279 0x2310  [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:28:07.0292 0x2310  LanmanWorkstation - ok
19:28:07.0296 0x2310  [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
19:28:07.0305 0x2310  lfsvc - ok
19:28:07.0307 0x2310  [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
19:28:07.0314 0x2310  LicenseManager - ok
19:28:07.0317 0x2310  [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
19:28:07.0327 0x2310  lltdio - ok
19:28:07.0334 0x2310  [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:28:07.0348 0x2310  lltdsvc - ok
19:28:07.0352 0x2310  [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:28:07.0358 0x2310  lmhosts - ok
19:28:07.0365 0x2310  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
19:28:07.0374 0x2310  LMIGuardianSvc - ok
19:28:07.0379 0x2310  [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:28:07.0387 0x2310  LSI_SAS - ok
19:28:07.0390 0x2310  [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:28:07.0398 0x2310  LSI_SAS2i - ok
19:28:07.0402 0x2310  [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:28:07.0409 0x2310  LSI_SAS3i - ok
19:28:07.0413 0x2310  [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:28:07.0420 0x2310  LSI_SSS - ok
19:28:07.0432 0x2310  [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM             C:\WINDOWS\System32\lsm.dll
19:28:07.0454 0x2310  LSM - ok
19:28:07.0458 0x2310  [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:28:07.0469 0x2310  luafv - ok
19:28:07.0473 0x2310  [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker      C:\WINDOWS\System32\moshost.dll
19:28:07.0481 0x2310  MapsBroker - ok
19:28:07.0484 0x2310  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:28:07.0487 0x2310  MBAMProtector - ok
19:28:07.0503 0x2310  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:28:07.0520 0x2310  MBAMService - ok
19:28:07.0524 0x2310  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
19:28:07.0528 0x2310  MBAMWebAccessControl - ok
19:28:07.0531 0x2310  [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:28:07.0537 0x2310  megasas - ok
19:28:07.0547 0x2310  [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:28:07.0561 0x2310  megasr - ok
19:28:07.0565 0x2310  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
19:28:07.0571 0x2310  MEIx64 - ok
19:28:07.0583 0x2310  [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:28:07.0598 0x2310  mlx4_bus - ok
19:28:07.0601 0x2310  [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
19:28:07.0608 0x2310  MMCSS - ok
19:28:07.0611 0x2310  [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:28:07.0619 0x2310  Modem - ok
19:28:07.0622 0x2310  [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:28:07.0629 0x2310  monitor - ok
19:28:07.0632 0x2310  [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:28:07.0638 0x2310  mouclass - ok
19:28:07.0640 0x2310  [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:28:07.0647 0x2310  mouhid - ok
19:28:07.0651 0x2310  [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:28:07.0657 0x2310  mountmgr - ok
19:28:07.0661 0x2310  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:28:07.0667 0x2310  MozillaMaintenance - ok
19:28:07.0670 0x2310  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:28:07.0678 0x2310  mpsdrv - ok
19:28:07.0691 0x2310  [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:28:07.0714 0x2310  MpsSvc - ok
19:28:07.0719 0x2310  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:28:07.0730 0x2310  MRxDAV - ok
19:28:07.0738 0x2310  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:28:07.0752 0x2310  mrxsmb - ok
19:28:07.0758 0x2310  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:28:07.0770 0x2310  mrxsmb10 - ok
19:28:07.0774 0x2310  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:28:07.0785 0x2310  mrxsmb20 - ok
19:28:07.0788 0x2310  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
19:28:07.0798 0x2310  MsBridge - ok
19:28:07.0802 0x2310  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:28:07.0812 0x2310  MSDTC - ok
19:28:07.0815 0x2310  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:28:07.0823 0x2310  Msfs - ok
19:28:07.0826 0x2310  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:28:07.0832 0x2310  msgpiowin32 - ok
19:28:07.0834 0x2310  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:28:07.0841 0x2310  mshidkmdf - ok
19:28:07.0843 0x2310  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:28:07.0849 0x2310  mshidumdf - ok
19:28:07.0851 0x2310  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:28:07.0857 0x2310  msisadrv - ok
19:28:07.0861 0x2310  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:28:07.0871 0x2310  MSiSCSI - ok
19:28:07.0872 0x2310  msiserver - ok
19:28:07.0874 0x2310  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:28:07.0881 0x2310  MSKSSRV - ok
19:28:07.0884 0x2310  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
19:28:07.0893 0x2310  MsLldp - ok
19:28:07.0896 0x2310  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:28:07.0902 0x2310  MSPCLOCK - ok
19:28:07.0904 0x2310  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:28:07.0911 0x2310  MSPQM - ok
19:28:07.0918 0x2310  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:28:07.0929 0x2310  MsRPC - ok
19:28:07.0932 0x2310  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:28:07.0939 0x2310  mssmbios - ok
19:28:07.0940 0x2310  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:28:07.0947 0x2310  MSTEE - ok
19:28:07.0950 0x2310  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:28:07.0957 0x2310  MTConfig - ok
19:28:07.0960 0x2310  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:28:07.0967 0x2310  Mup - ok
19:28:07.0969 0x2310  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:28:07.0975 0x2310  mvumis - ok
19:28:07.0986 0x2310  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:28:08.0003 0x2310  NativeWifiP - ok
19:28:08.0007 0x2310  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:28:08.0017 0x2310  NcaSvc - ok
19:28:08.0024 0x2310  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:28:08.0037 0x2310  NcbService - ok
19:28:08.0040 0x2310  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:28:08.0055 0x2310  NcdAutoSetup - ok
19:28:08.0058 0x2310  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
19:28:08.0064 0x2310  ndfltr - ok
19:28:08.0082 0x2310  [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:28:08.0104 0x2310  NDIS - ok
19:28:08.0107 0x2310  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
19:28:08.0114 0x2310  NdisCap - ok
19:28:08.0118 0x2310  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:28:08.0128 0x2310  NdisImPlatform - ok
19:28:08.0131 0x2310  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:28:08.0139 0x2310  NdisTapi - ok
19:28:08.0142 0x2310  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
19:28:08.0149 0x2310  Ndisuio - ok
19:28:08.0151 0x2310  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:28:08.0159 0x2310  NdisVirtualBus - ok
19:28:08.0164 0x2310  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
19:28:08.0175 0x2310  NdisWan - ok
19:28:08.0179 0x2310  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:28:08.0190 0x2310  ndiswanlegacy - ok
19:28:08.0193 0x2310  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:28:08.0202 0x2310  ndproxy - ok
19:28:08.0205 0x2310  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:28:08.0215 0x2310  Ndu - ok
19:28:08.0218 0x2310  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
19:28:08.0224 0x2310  NetBIOS - ok
19:28:08.0230 0x2310  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:28:08.0241 0x2310  NetBT - ok
19:28:08.0244 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:28:08.0251 0x2310  Netlogon - ok
19:28:08.0256 0x2310  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
19:28:08.0270 0x2310  Netman - ok
19:28:08.0279 0x2310  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:28:08.0298 0x2310  netprofm - ok
19:28:08.0303 0x2310  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
19:28:08.0314 0x2310  NetSetupSvc - ok
19:28:08.0319 0x2310  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:28:08.0325 0x2310  NetTcpPortSharing - ok
19:28:08.0329 0x2310  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
19:28:08.0336 0x2310  netvsc - ok
19:28:08.0343 0x2310  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
19:28:08.0354 0x2310  NgcCtnrSvc - ok
19:28:08.0357 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
19:28:08.0364 0x2310  NgcSvc - ok
19:28:08.0371 0x2310  [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:28:08.0385 0x2310  NlaSvc - ok
19:28:08.0387 0x2310  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:28:08.0395 0x2310  Npfs - ok
19:28:08.0397 0x2310  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:28:08.0404 0x2310  npsvctrig - ok
19:28:08.0406 0x2310  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:28:08.0414 0x2310  nsi - ok
19:28:08.0416 0x2310  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:28:08.0423 0x2310  nsiproxy - ok
19:28:08.0452 0x2310  [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
19:28:08.0493 0x2310  NTFS - ok
19:28:08.0497 0x2310  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:28:08.0503 0x2310  Null - ok
19:28:08.0507 0x2310  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
19:28:08.0515 0x2310  NVHDA - ok
19:28:08.0653 0x2310  [ A5EE0530F8B4AEF6B319AC4E7190D766, 0BA1A8CF3537C547EC3DC8E323340CE018A36A24975CB8BDB5B5F68A3FEF42C6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:28:08.0796 0x2310  nvlddmkm - ok
19:28:08.0831 0x2310  [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:28:08.0857 0x2310  NvNetworkService - ok
19:28:08.0863 0x2310  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:28:08.0870 0x2310  nvraid - ok
19:28:08.0875 0x2310  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:28:08.0882 0x2310  nvstor - ok
19:28:08.0885 0x2310  [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:28:08.0888 0x2310  NvStreamKms - ok
19:28:08.0956 0x2310  [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:28:09.0030 0x2310  NvStreamSvc - ok
19:28:09.0048 0x2310  [ A26CFCA56DD4557FC8D3274D67ACD2AE, 441B84E045AC7D08FD53427CDB4B6EE3BB9F3D9722AA2428726DC4F3E2DC8331 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
19:28:09.0064 0x2310  nvsvc - ok
19:28:09.0067 0x2310  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:28:09.0072 0x2310  nvvad_WaveExtensible - ok
19:28:09.0075 0x2310  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
19:28:09.0082 0x2310  nv_agp - ok
19:28:09.0088 0x2310  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
19:28:09.0103 0x2310  OneSyncSvc - ok
19:28:09.0133 0x2310  [ 10202AD89DEF5E0F7CDCF2CE8C5EF1EE, F2A9CAC054A440EBF71D7372DAA7A57BC9DB1893C45EA01F21537CE714B7451B ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:28:09.0164 0x2310  Origin Client Service - ok
19:28:09.0169 0x2310  [ 2B8E4C792BED0E5882702720BC528AE5, 6D7CB027BC6014CB268C49B46049CDFF3BA94D07102A65BD053335A28E83D125 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:28:09.0176 0x2310  ose - ok
19:28:09.0183 0x2310  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:28:09.0197 0x2310  p2pimsvc - ok
19:28:09.0204 0x2310  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:28:09.0220 0x2310  p2psvc - ok
19:28:09.0224 0x2310  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:28:09.0232 0x2310  Parport - ok
19:28:09.0235 0x2310  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:28:09.0242 0x2310  partmgr - ok
19:28:09.0251 0x2310  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:28:09.0265 0x2310  PcaSvc - ok
19:28:09.0271 0x2310  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:28:09.0281 0x2310  pci - ok
19:28:09.0283 0x2310  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:28:09.0289 0x2310  pciide - ok
19:28:09.0292 0x2310  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:28:09.0299 0x2310  pcmcia - ok
19:28:09.0301 0x2310  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:28:09.0307 0x2310  pcw - ok
19:28:09.0310 0x2310  [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:28:09.0318 0x2310  pdc - ok
19:28:09.0330 0x2310  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:28:09.0352 0x2310  PEAUTH - ok
19:28:09.0355 0x2310  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
19:28:09.0361 0x2310  percsas2i - ok
19:28:09.0364 0x2310  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
19:28:09.0370 0x2310  percsas3i - ok
19:28:09.0380 0x2310  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:28:09.0387 0x2310  PerfHost - ok
19:28:09.0396 0x2310  [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:28:09.0408 0x2310  PimIndexMaintenanceSvc - ok
19:28:09.0430 0x2310  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
19:28:09.0468 0x2310  pla - ok
19:28:09.0473 0x2310  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:28:09.0485 0x2310  PlugPlay - ok
19:28:09.0488 0x2310  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
19:28:09.0493 0x2310  PnkBstrA - ok
19:28:09.0495 0x2310  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:28:09.0503 0x2310  PNRPAutoReg - ok
19:28:09.0509 0x2310  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:28:09.0523 0x2310  PNRPsvc - ok
19:28:09.0530 0x2310  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:28:09.0546 0x2310  PolicyAgent - ok
19:28:09.0550 0x2310  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
19:28:09.0558 0x2310  Power - ok
19:28:09.0562 0x2310  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
19:28:09.0571 0x2310  PptpMiniport - ok
19:28:09.0615 0x2310  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:28:09.0684 0x2310  PrintNotify - ok
19:28:09.0690 0x2310  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:28:09.0699 0x2310  Processor - ok
19:28:09.0705 0x2310  [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:28:09.0718 0x2310  ProfSvc - ok
19:28:09.0722 0x2310  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
19:28:09.0730 0x2310  Psched - ok
19:28:09.0736 0x2310  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:28:09.0748 0x2310  QWAVE - ok
19:28:09.0751 0x2310  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:28:09.0758 0x2310  QWAVEdrv - ok
19:28:09.0760 0x2310  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:28:09.0768 0x2310  RasAcd - ok
19:28:09.0771 0x2310  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
19:28:09.0781 0x2310  RasAgileVpn - ok
19:28:09.0784 0x2310  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:28:09.0794 0x2310  RasAuto - ok
19:28:09.0797 0x2310  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
19:28:09.0806 0x2310  Rasl2tp - ok
19:28:09.0818 0x2310  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:28:09.0839 0x2310  RasMan - ok
19:28:09.0843 0x2310  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
19:28:09.0852 0x2310  RasPppoe - ok
19:28:09.0855 0x2310  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
19:28:09.0864 0x2310  RasSstp - ok
19:28:09.0872 0x2310  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:28:09.0886 0x2310  rdbss - ok
19:28:09.0890 0x2310  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:28:09.0897 0x2310  rdpbus - ok
19:28:09.0901 0x2310  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:28:09.0910 0x2310  RDPDR - ok
19:28:09.0915 0x2310  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:28:09.0921 0x2310  RdpVideoMiniport - ok
19:28:09.0926 0x2310  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:28:09.0935 0x2310  rdyboost - ok
19:28:09.0949 0x2310  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
19:28:09.0971 0x2310  ReFSv1 - ok
19:28:09.0981 0x2310  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:28:09.0998 0x2310  RemoteAccess - ok
19:28:10.0003 0x2310  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:28:10.0015 0x2310  RemoteRegistry - ok
19:28:10.0030 0x2310  [ 891C83BE8BA62B7547B9A6576A360C71, B808FE4B5A93B8C971C2AF6CC7F0BAE7154A43A87D6CE0826277D1D7D7948E24 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
19:28:10.0057 0x2310  RetailDemo - ok
19:28:10.0061 0x2310  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:28:10.0070 0x2310  RpcEptMapper - ok
19:28:10.0072 0x2310  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:28:10.0080 0x2310  RpcLocator - ok
19:28:10.0093 0x2310  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:28:10.0118 0x2310  RpcSs - ok
19:28:10.0121 0x2310  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
19:28:10.0130 0x2310  rspndr - ok
19:28:10.0133 0x2310  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:28:10.0139 0x2310  s3cap - ok
19:28:10.0142 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:28:10.0149 0x2310  SamSs - ok
19:28:10.0152 0x2310  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:28:10.0159 0x2310  sbp2port - ok
19:28:10.0164 0x2310  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:28:10.0178 0x2310  SCardSvr - ok
19:28:10.0182 0x2310  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:28:10.0194 0x2310  ScDeviceEnum - ok
19:28:10.0198 0x2310  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:28:10.0207 0x2310  scfilter - ok
19:28:10.0223 0x2310  [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:28:10.0250 0x2310  Schedule - ok
19:28:10.0255 0x2310  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:28:10.0267 0x2310  SCPolicySvc - ok
19:28:10.0273 0x2310  [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:28:10.0282 0x2310  sdbus - ok
19:28:10.0287 0x2310  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
19:28:10.0297 0x2310  SDRSVC - ok
19:28:10.0300 0x2310  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:28:10.0307 0x2310  sdstor - ok
19:28:10.0309 0x2310  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:28:10.0316 0x2310  seclogon - ok
19:28:10.0319 0x2310  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
19:28:10.0330 0x2310  SENS - ok
19:28:10.0345 0x2310  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:28:10.0373 0x2310  SensorDataService - ok
19:28:10.0379 0x2310  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
19:28:10.0391 0x2310  SensorService - ok
19:28:10.0396 0x2310  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:28:10.0406 0x2310  SensrSvc - ok
19:28:10.0409 0x2310  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:28:10.0416 0x2310  SerCx - ok
19:28:10.0420 0x2310  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:28:10.0427 0x2310  SerCx2 - ok
19:28:10.0429 0x2310  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:28:10.0437 0x2310  Serenum - ok
19:28:10.0440 0x2310  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:28:10.0448 0x2310  Serial - ok
19:28:10.0451 0x2310  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:28:10.0457 0x2310  sermouse - ok
19:28:10.0468 0x2310  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:28:10.0483 0x2310  SessionEnv - ok
19:28:10.0485 0x2310  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:28:10.0492 0x2310  sfloppy - ok
19:28:10.0500 0x2310  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:28:10.0516 0x2310  SharedAccess - ok
19:28:10.0527 0x2310  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:28:10.0551 0x2310  ShellHWDetection - ok
19:28:10.0554 0x2310  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:28:10.0560 0x2310  SiSRaid2 - ok
19:28:10.0562 0x2310  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:28:10.0569 0x2310  SiSRaid4 - ok
19:28:10.0571 0x2310  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
19:28:10.0581 0x2310  smphost - ok
19:28:10.0590 0x2310  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
19:28:10.0610 0x2310  SmsRouter - ok
19:28:10.0615 0x2310  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:28:10.0624 0x2310  SNMPTRAP - ok
19:28:10.0633 0x2310  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:28:10.0645 0x2310  spaceport - ok
19:28:10.0652 0x2310  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:28:10.0666 0x2310  SpbCx - ok
19:28:10.0684 0x2310  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:28:10.0711 0x2310  Spooler - ok
19:28:10.0795 0x2310  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:28:10.0897 0x2310  sppsvc - ok
19:28:10.0909 0x2310  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:28:10.0923 0x2310  srv - ok
19:28:10.0935 0x2310  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:28:10.0954 0x2310  srv2 - ok
19:28:10.0960 0x2310  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:28:10.0971 0x2310  srvnet - ok
19:28:10.0976 0x2310  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:28:10.0990 0x2310  SSDPSRV - ok
19:28:10.0996 0x2310  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:28:11.0008 0x2310  SstpSvc - ok
19:28:11.0013 0x2310  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
19:28:11.0019 0x2310  ssudmdm - ok
19:28:11.0021 0x2310  StarOpen - ok
19:28:11.0056 0x2310  [ 0FC4FA53C3F666CD7AFB138A978D3CB8, F65D88324D6007CE4AAB9486B6D00EE6352CA0F3B1A2D0616811AF1279799501 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:28:11.0116 0x2310  StateRepository - ok
19:28:11.0130 0x2310  [ D31201BD8782752BD69DBE1E5DDF9AC5, 98B72690B4E6CC1B694C655DD31CB1FB56B76B62A32CFB748AF78F4C072D9740 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:28:11.0145 0x2310  Steam Client Service - ok
19:28:11.0154 0x2310  [ 9F40F66B0315951BC176BE29CABF9408, 5E6FF8C13A048726B8AD727981FE151AEED04C47BC2F0A1A7FFF6248B6A14567 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:28:11.0162 0x2310  Stereo Service - ok
19:28:11.0166 0x2310  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:28:11.0172 0x2310  stexstor - ok
19:28:11.0183 0x2310  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:28:11.0202 0x2310  stisvc - ok
19:28:11.0206 0x2310  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:28:11.0215 0x2310  storahci - ok
19:28:11.0218 0x2310  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
19:28:11.0224 0x2310  storflt - ok
19:28:11.0227 0x2310  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:28:11.0234 0x2310  stornvme - ok
19:28:11.0236 0x2310  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
19:28:11.0244 0x2310  storqosflt - ok
19:28:11.0251 0x2310  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:28:11.0266 0x2310  StorSvc - ok
19:28:11.0268 0x2310  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
19:28:11.0274 0x2310  storufs - ok
19:28:11.0277 0x2310  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:28:11.0282 0x2310  storvsc - ok
19:28:11.0284 0x2310  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:28:11.0294 0x2310  svsvc - ok
19:28:11.0300 0x2310  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
19:28:11.0306 0x2310  swenum - ok
19:28:11.0314 0x2310  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
19:28:11.0333 0x2310  swprv - ok
19:28:11.0337 0x2310  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:28:11.0344 0x2310  Synth3dVsc - ok
19:28:11.0360 0x2310  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:28:11.0390 0x2310  SysMain - ok
19:28:11.0398 0x2310  [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:28:11.0413 0x2310  SystemEventsBroker - ok
19:28:11.0419 0x2310  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:28:11.0428 0x2310  TabletInputService - ok
19:28:11.0435 0x2310  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:28:11.0448 0x2310  TapiSrv - ok
19:28:11.0481 0x2310  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:28:11.0522 0x2310  Tcpip - ok
19:28:11.0555 0x2310  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
19:28:11.0596 0x2310  Tcpip6 - ok
19:28:11.0602 0x2310  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:28:11.0611 0x2310  tcpipreg - ok
19:28:11.0615 0x2310  [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:28:11.0622 0x2310  tdx - ok
19:28:11.0624 0x2310  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:28:11.0630 0x2310  terminpt - ok
19:28:11.0649 0x2310  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
19:28:11.0676 0x2310  TermService - ok
19:28:11.0680 0x2310  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:28:11.0693 0x2310  Themes - ok
19:28:11.0701 0x2310  [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:28:11.0719 0x2310  tiledatamodelsvc - ok
19:28:11.0724 0x2310  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:28:11.0735 0x2310  TimeBroker - ok
19:28:11.0740 0x2310  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:28:11.0748 0x2310  TPM - ok
19:28:11.0752 0x2310  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:28:11.0762 0x2310  TrkWks - ok
19:28:11.0765 0x2310  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:28:11.0776 0x2310  TrustedInstaller - ok
19:28:11.0779 0x2310  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:28:11.0786 0x2310  TsUsbFlt - ok
19:28:11.0789 0x2310  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:28:11.0795 0x2310  TsUsbGD - ok
19:28:11.0799 0x2310  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
19:28:11.0810 0x2310  tunnel - ok
19:28:11.0813 0x2310  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:28:11.0819 0x2310  uagp35 - ok
19:28:11.0822 0x2310  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:28:11.0828 0x2310  UASPStor - ok
19:28:11.0831 0x2310  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
19:28:11.0839 0x2310  UcmCx0101 - ok
19:28:11.0842 0x2310  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:28:11.0850 0x2310  UcmUcsi - ok
19:28:11.0855 0x2310  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
19:28:11.0863 0x2310  Ucx01000 - ok
19:28:11.0866 0x2310  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
19:28:11.0873 0x2310  UdeCx - ok
19:28:11.0880 0x2310  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:28:11.0895 0x2310  udfs - ok
19:28:11.0898 0x2310  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:28:11.0904 0x2310  UEFI - ok
19:28:11.0908 0x2310  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
19:28:11.0917 0x2310  Ufx01000 - ok
19:28:11.0921 0x2310  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:28:11.0927 0x2310  UfxChipidea - ok
19:28:11.0931 0x2310  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:28:11.0938 0x2310  ufxsynopsys - ok
19:28:11.0942 0x2310  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:28:11.0952 0x2310  UI0Detect - ok
19:28:11.0955 0x2310  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:28:11.0962 0x2310  uliagpkx - ok
19:28:11.0967 0x2310  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:28:11.0975 0x2310  umbus - ok
19:28:11.0978 0x2310  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:28:11.0985 0x2310  UmPass - ok
19:28:11.0991 0x2310  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:28:12.0005 0x2310  UmRdpService - ok
19:28:12.0024 0x2310  [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
19:28:12.0055 0x2310  UnistoreSvc - ok
19:28:12.0065 0x2310  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:28:12.0083 0x2310  upnphost - ok
19:28:12.0086 0x2310  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys

Redgrieve · 02.11.2015, 19:35

Code:

ATTFilter

19:28:12.0093 0x2310  UrsChipidea - ok
19:28:12.0095 0x2310  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
19:28:12.0102 0x2310  UrsCx01000 - ok
19:28:12.0105 0x2310  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
19:28:12.0112 0x2310  UrsSynopsys - ok
19:28:12.0114 0x2310  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:28:12.0123 0x2310  USBAAPL64 - ok
19:28:12.0127 0x2310  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:28:12.0135 0x2310  usbccgp - ok
19:28:12.0140 0x2310  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:28:12.0148 0x2310  usbcir - ok
19:28:12.0152 0x2310  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:28:12.0160 0x2310  usbehci - ok
19:28:12.0168 0x2310  [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:28:12.0181 0x2310  usbhub - ok
19:28:12.0191 0x2310  [ C08449092043601887A1743350888635, 5CD916649D2CD8823B89C9E7459AD76AA8E54D70B6D9F40AD4A41144E22ACBE0 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:28:12.0205 0x2310  USBHUB3 - ok
19:28:12.0208 0x2310  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:28:12.0216 0x2310  usbohci - ok
19:28:12.0219 0x2310  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:28:12.0227 0x2310  usbprint - ok
19:28:12.0231 0x2310  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
19:28:12.0240 0x2310  usbser - ok
19:28:12.0243 0x2310  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:28:12.0251 0x2310  USBSTOR - ok
19:28:12.0254 0x2310  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:28:12.0262 0x2310  usbuhci - ok
19:28:12.0269 0x2310  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:28:12.0281 0x2310  USBXHCI - ok
19:28:12.0303 0x2310  [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
19:28:12.0342 0x2310  UserDataSvc - ok
19:28:12.0355 0x2310  [ D76A6C338A81C3B14AD37B22AA422B4B, 39489B44068CAA86232B513FF7A5DA56F5AAAB595D8DBC0CCDDD4ED4A1318E07 ] UserManager     C:\WINDOWS\System32\usermgr.dll
19:28:12.0377 0x2310  UserManager - ok
19:28:12.0384 0x2310  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
19:28:12.0399 0x2310  UsoSvc - ok
19:28:12.0403 0x2310  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:28:12.0410 0x2310  VaultSvc - ok
19:28:12.0412 0x2310  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:28:12.0419 0x2310  vdrvroot - ok
19:28:12.0430 0x2310  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
19:28:12.0453 0x2310  vds - ok
19:28:12.0458 0x2310  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:28:12.0466 0x2310  VerifierExt - ok
19:28:12.0477 0x2310  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:28:12.0493 0x2310  vhdmp - ok
19:28:12.0496 0x2310  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
19:28:12.0503 0x2310  vhf - ok
19:28:12.0506 0x2310  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:28:12.0513 0x2310  vmbus - ok
19:28:12.0516 0x2310  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:28:12.0523 0x2310  VMBusHID - ok
19:28:12.0532 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:28:12.0565 0x2310  vmicguestinterface - ok
19:28:12.0580 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:28:12.0596 0x2310  vmicheartbeat - ok
19:28:12.0604 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:28:12.0620 0x2310  vmickvpexchange - ok
19:28:12.0628 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:28:12.0645 0x2310  vmicrdv - ok
19:28:12.0653 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:28:12.0670 0x2310  vmicshutdown - ok
19:28:12.0678 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:28:12.0695 0x2310  vmictimesync - ok
19:28:12.0703 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
19:28:12.0719 0x2310  vmicvmsession - ok
19:28:12.0727 0x2310  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:28:12.0743 0x2310  vmicvss - ok
19:28:12.0746 0x2310  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:28:12.0753 0x2310  volmgr - ok
19:28:12.0760 0x2310  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:28:12.0771 0x2310  volmgrx - ok
19:28:12.0779 0x2310  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:28:12.0790 0x2310  volsnap - ok
19:28:12.0794 0x2310  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:28:12.0801 0x2310  vpci - ok
19:28:12.0805 0x2310  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:28:12.0813 0x2310  vsmraid - ok
19:28:12.0834 0x2310  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
19:28:12.0871 0x2310  VSS - ok
19:28:12.0878 0x2310  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:28:12.0889 0x2310  VSTXRAID - ok
19:28:12.0891 0x2310  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:28:12.0898 0x2310  vwifibus - ok
19:28:12.0902 0x2310  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
19:28:12.0911 0x2310  vwififlt - ok
19:28:12.0920 0x2310  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
19:28:12.0940 0x2310  W32Time - ok
19:28:12.0942 0x2310  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:28:12.0950 0x2310  WacomPen - ok
19:28:12.0958 0x2310  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
19:28:12.0975 0x2310  WalletService - ok
19:28:12.0978 0x2310  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:28:12.0988 0x2310  wanarp - ok
19:28:12.0990 0x2310  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:28:12.0999 0x2310  wanarpv6 - ok
19:28:13.0024 0x2310  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:28:13.0063 0x2310  wbengine - ok
19:28:13.0075 0x2310  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:28:13.0096 0x2310  WbioSrvc - ok
19:28:13.0106 0x2310  [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:28:13.0127 0x2310  Wcmsvc - ok
19:28:13.0136 0x2310  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:28:13.0153 0x2310  wcncsvc - ok
19:28:13.0155 0x2310  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:28:13.0163 0x2310  WcsPlugInService - ok
19:28:13.0166 0x2310  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:28:13.0172 0x2310  WdBoot - ok
19:28:13.0187 0x2310  [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:28:13.0204 0x2310  Wdf01000 - ok
19:28:13.0212 0x2310  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:28:13.0222 0x2310  WdFilter - ok
19:28:13.0225 0x2310  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:28:13.0237 0x2310  WdiServiceHost - ok
19:28:13.0240 0x2310  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:28:13.0253 0x2310  WdiSystemHost - ok
19:28:13.0264 0x2310  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:28:13.0285 0x2310  wdiwifi - ok
19:28:13.0289 0x2310  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:28:13.0295 0x2310  WdNisDrv - ok
19:28:13.0297 0x2310  WdNisSvc - ok
19:28:13.0302 0x2310  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:28:13.0316 0x2310  WebClient - ok
19:28:13.0322 0x2310  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:28:13.0334 0x2310  Wecsvc - ok
19:28:13.0337 0x2310  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:28:13.0346 0x2310  WEPHOSTSVC - ok
19:28:13.0349 0x2310  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:28:13.0363 0x2310  wercplsupport - ok
19:28:13.0367 0x2310  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:28:13.0380 0x2310  WerSvc - ok
19:28:13.0382 0x2310  wfpcapture - ok
19:28:13.0386 0x2310  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
19:28:13.0394 0x2310  WFPLWFS - ok
19:28:13.0397 0x2310  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:28:13.0406 0x2310  WiaRpc - ok
19:28:13.0408 0x2310  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:28:13.0413 0x2310  WIMMount - ok
19:28:13.0414 0x2310  WinDefend - ok
19:28:13.0420 0x2310  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:28:13.0428 0x2310  WindowsTrustedRT - ok
19:28:13.0429 0x2310  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:28:13.0435 0x2310  WindowsTrustedRTProxy - ok
19:28:13.0449 0x2310  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:28:13.0472 0x2310  WinHttpAutoProxySvc - ok
19:28:13.0475 0x2310  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
19:28:13.0482 0x2310  WinMad - ok
19:28:13.0488 0x2310  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:28:13.0499 0x2310  Winmgmt - ok
19:28:13.0534 0x2310  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:28:13.0592 0x2310  WinRM - ok
19:28:13.0599 0x2310  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUsb.sys
19:28:13.0607 0x2310  WINUSB - ok
19:28:13.0609 0x2310  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
19:28:13.0616 0x2310  WinVerbs - ok
19:28:13.0645 0x2310  [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:28:13.0696 0x2310  WlanSvc - ok
19:28:13.0726 0x2310  [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:28:13.0774 0x2310  wlidsvc - ok
19:28:13.0778 0x2310  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:28:13.0785 0x2310  WmiAcpi - ok
19:28:13.0791 0x2310  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:28:13.0801 0x2310  wmiApSrv - ok
19:28:13.0803 0x2310  WMPNetworkSvc - ok
19:28:13.0808 0x2310  [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:28:13.0817 0x2310  Wof - ok
19:28:13.0844 0x2310  [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:28:13.0887 0x2310  workfolderssvc - ok
19:28:13.0891 0x2310  [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:28:13.0897 0x2310  wpcfltr - ok
19:28:13.0900 0x2310  [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:28:13.0909 0x2310  WPDBusEnum - ok
19:28:13.0912 0x2310  [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:28:13.0918 0x2310  WpdUpFltr - ok
19:28:13.0921 0x2310  [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService      C:\WINDOWS\system32\WpnService.dll
19:28:13.0928 0x2310  WpnService - ok
19:28:13.0931 0x2310  [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:28:13.0939 0x2310  ws2ifsl - ok
19:28:13.0944 0x2310  [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:28:13.0956 0x2310  wscsvc - ok
19:28:13.0958 0x2310  [ E392DFAF6D0DEFC812ECC727A61F91C5, C28B6CC8AD034157CE92C7F098A9C12ADED2769E6AF954A9AAD10CC0E811DD2A ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
19:28:13.0965 0x2310  WSDPrintDevice - ok
19:28:13.0968 0x2310  [ 0902C63D8C836EA4D0876FCD8D627701, 0173F83CF8DA9C6D40C64CE88BF1A40EB634008D3D48F74E4E3BBBB11F1CA8D1 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
19:28:13.0975 0x2310  WSDScan - ok
19:28:13.0976 0x2310  WSearch - ok
19:28:14.0022 0x2310  [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService       C:\WINDOWS\System32\WSService.dll
19:28:14.0079 0x2310  WSService - ok
19:28:14.0111 0x2310  [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:28:14.0162 0x2310  wuauserv - ok
19:28:14.0167 0x2310  [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:28:14.0176 0x2310  WudfPf - ok
19:28:14.0181 0x2310  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:28:14.0193 0x2310  WUDFRd - ok
19:28:14.0197 0x2310  [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:28:14.0207 0x2310  wudfsvc - ok
19:28:14.0212 0x2310  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:28:14.0223 0x2310  WUDFWpdFs - ok
19:28:14.0227 0x2310  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
19:28:14.0239 0x2310  WUDFWpdMtp - ok
19:28:14.0256 0x2310  [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:28:14.0286 0x2310  WwanSvc - ok
19:28:14.0301 0x2310  [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
19:28:14.0327 0x2310  XblAuthManager - ok
19:28:14.0344 0x2310  [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
19:28:14.0374 0x2310  XblGameSave - ok
19:28:14.0379 0x2310  [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
19:28:14.0391 0x2310  xboxgip - ok
19:28:14.0407 0x2310  [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
19:28:14.0435 0x2310  XboxNetApiSvc - ok
19:28:14.0438 0x2310  [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
19:28:14.0444 0x2310  xinputhid - ok
19:28:14.0448 0x2310  [ 1E80EDF59994925D6AF76D87564588E1, 40D02073F3A17B6C10F496341598D39F55CE70AD626BADE1BBD2021AB1A018F9 ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
19:28:14.0458 0x2310  xusb22 - ok
19:28:14.0458 0x2310  ================ Scan global ===============================
19:28:14.0463 0x2310  [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
19:28:14.0472 0x2310  [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
19:28:14.0481 0x2310  [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
19:28:14.0492 0x2310  [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
19:28:14.0498 0x2310  [ Global ] - ok
19:28:14.0499 0x2310  ================ Scan MBR
=================================
19:28:14.0536 0x2310  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:28:14.0609 0x2310  \Device\Harddisk0\DR0 - ok
19:28:14.0610 0x2310  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:28:14.0667 0x2310  \Device\Harddisk1\DR1 - ok
19:28:15.0214 0x2310  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
19:28:15.0287 0x2310  \Device\Harddisk2\DR2 - ok
19:28:15.0287 0x2310  ================ Scan VBR ==================================
19:28:15.0288 0x2310  [ B31538E4AB09CF2966DBCA78C7BA39F5 ] \Device\Harddisk0\DR0\Partition1
19:28:15.0369 0x2310  \Device\Harddisk0\DR0\Partition1 - ok
19:28:15.0371 0x2310  [ 0CD744ED9B81971041EC30A9F4FD7191 ] \Device\Harddisk1\DR1\Partition1
19:28:15.0372 0x2310  \Device\Harddisk1\DR1\Partition1 - ok
19:28:15.0373 0x2310  [ 0389FFBB8CED55EEFF5C2633A538B520 ] \Device\Harddisk1\DR1\Partition2
19:28:15.0374 0x2310  \Device\Harddisk1\DR1\Partition2 - ok
19:28:15.0375 0x2310  [ 7E58A817E129058B9660CF231CB12AB2 ] \Device\Harddisk2\DR2\Partition1
19:28:15.0460 0x2310  \Device\Harddisk2\DR2\Partition1 - ok
19:28:15.0461 0x2310  ================ Scan generic autorun ======================
19:28:15.0595 0x2310  [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:28:15.0720 0x2310  RTHDVCPL - ok
19:28:15.0760 0x2310  [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:28:15.0801 0x2310  NvBackend - ok
19:28:15.0806 0x2310  [ 5DED2A3F11AE916C8F2724947E736261, 35402466FE6D02CC85A27171F55D9F7FD0AAF018D3CC410E46F0B43DCE7EA080 ] C:\WINDOWS\system32\rundll32.exe
19:28:15.0819 0x2310  ShadowPlay - ok
19:28:15.0827 0x2310  [ 7486DEF5CC9334F58871D6D18B73C562, 68079CAEE80FB4A375EF04B6D3335FDE3A223C295D66821D13FFEF0FFD6B80C3 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
19:28:15.0838 0x2310  AdobeAAMUpdater-1.0 - ok
19:28:15.0842 0x2310  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
19:28:15.0847 0x2310  iTunesHelper - ok
19:28:15.0878 0x2310  [ 051B5C9492CBAF8AF8BF800A27BE0529, 27674C88CBDE020FD385C4BE81E51D67A5A1824AC6E2F85E0BB13BD6D31815AC ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
19:28:15.0914 0x2310  Adobe Creative Cloud - ok
19:28:15.0920 0x2310  [ 49B12C13247C277EAD4C5C18D03A3636, B28A3EE22232D6E22B76EA64D75005700D5C07EA47E4C39C7913995136214D73 ] C:\Program Files (x86)\PDF24\pdf24.exe
19:28:15.0928 0x2310  PDFPrint - ok
19:28:15.0996 0x2310  [ A04D2F4D72154CBA6AE0CAF11EDE79E7, 17EF1DC93E45CB564B25155BD6A84E91ED99CF6078FB900BA7070660D107592C ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
19:28:16.0079 0x2310  LogMeIn Hamachi Ui - ok
19:28:16.0084 0x2310  [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
19:28:16.0090 0x2310  Avira SystrayStartTrigger - ok
19:28:16.0105 0x2310  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
19:28:16.0119 0x2310  avgnt - ok
19:28:16.0244 0x2310  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:28:16.0360 0x2310  OneDriveSetup - ok
19:28:16.0481 0x2310  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:28:16.0583 0x2310  OneDriveSetup - ok
19:28:16.0598 0x2310  [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Tower\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:28:16.0611 0x2310  OneDrive - ok
19:28:16.0618 0x2310  [ 6659BE85DD83E17C664C042B3D03C60C, 556DC8369D4D5FD99C2C3FB50116A0A515C8BFEDA5C2F53793848A377930C68D ] C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
19:28:16.0626 0x2310  cloudmusic - ok
19:28:16.0673 0x2310  [ A6C14453331A9574422A60A74705473A, CDA6BA72A6272471A8FFC8BCC704A14C967E59A6EF94EE09C7916EE40CE1E6BA ] C:\Program Files (x86)\Origin\Origin.exe
19:28:16.0728 0x2310  EADM - ok
19:28:16.0771 0x2310  [ 006A09387926B45CD228BCAE56F7653B, 4D1B1143DD5056DC11D07462318C1CE4378C7077412ABF85717BDA6D872BBEF5 ] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
19:28:16.0820 0x2310  DAEMON Tools Pro Agent - ok
19:28:16.0877 0x2310  [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe
19:28:16.0944 0x2310  DAEMON Tools Lite Automount - ok
19:28:16.0947 0x2310  Waiting for KSN requests completion. In queue: 210
19:28:17.0948 0x2310  Waiting for KSN requests completion. In queue: 210
19:28:18.0948 0x2310  Waiting for KSN requests completion. In queue: 210
19:28:19.0280 0x1460  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
19:28:19.0949 0x2310  Waiting for KSN requests completion. In queue: 153
19:28:20.0949 0x2310  Waiting for KSN requests completion. In queue: 153
19:28:21.0729 0x1460  Object send P2P result: true
19:28:21.0730 0x1460  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
19:28:21.0949 0x2310  Waiting for KSN requests completion. In queue: 152
19:28:22.0949 0x2310  Waiting for KSN requests completion. In queue: 152
19:28:23.0950 0x2310  Waiting for KSN requests completion. In queue: 152
19:28:24.0153 0x1460  Object send P2P result: true
19:28:24.0177 0x1460  Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
19:28:24.0950 0x2310  Waiting for KSN requests completion. In queue: 44
19:28:25.0951 0x2310  Waiting for KSN requests completion. In queue: 44
19:28:26.0589 0x1460  Object send P2P result: true
19:28:26.0978 0x2310  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
19:28:26.0981 0x2310  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
19:28:26.0994 0x2310  Win FW state via NFP2: enabled ( trusted )
19:28:29.0361 0x2310  ============================================================
19:28:29.0361 0x2310  Scan finished
19:28:29.0361 0x2310  ============================================================
19:28:29.0387 0x2308  Detected object count: 0
19:28:29.0387 0x2308  Actual detected object count: 0

M-K-D-B · 03.11.2015, 09:24

Servus,

Zukünftig bitte beachten:

Zitat:

Gestartet von C:\Users\Tower\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.

Starte Zoek.exe mit einem Doppelklick. Es wird etwas dauern, bis sich das Programm öffnet.
Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.

Kopiere den Text der folgenden Box in das Skriptfenster von zoek:

Code:

ATTFilter

iedefaults;
resetIEproxy;
shortcutfix;
resethosts;
FFdefaults;
CHRdefaults;
emptyclsid;

Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die Logdatei von Zoek,
die beiden neuen Logdateien von FRST.

Redgrieve · 04.11.2015, 14:48

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.017 - Bericht erstellt am 04/11/2015 um 14:09:51
# Aktualisiert am 03/11/2015 von Xplode
# Datenbank : 2015-11-03.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Tower - TOWER-PC
# Gestartet von : C:\Users\Tower\Desktop\AdwCleaner_5.017.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\distromatic
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

***** [ Internetbrowser ] *****

[-] [C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : searchinterneat-a.akamaihd.net

*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3018 Bytes] ##########

--- --- ---

[/CODE]

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 04.11.2015
Suchlaufzeit: 14:16
Protokolldatei: Malware bytes2.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.04.03
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Tower

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 381796
Abgelaufene Zeit: 4 Min., 34 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Tower on 04.11.2015 at 14:25:03,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\results hub
Successfully deleted: [Folder] C:\ProgramData\results hub



~~~ Chrome


[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
icpgjfneehieebagbmdbhnlpiopdcmna

[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Tower\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  icpgjfneehieebagbmdbhnlpiopdcmna
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.11.2015 at 14:26:26,32
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

Zoek.exe v5.0.0.1 Updated 03-November-2015
Tool run by Tower on 04.11.2015 at 14:29:07,02.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tower\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

04.11.2015 14:29:32 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== FireFox Fix ======================

Deleted from C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser//h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA18DB0VXfV9eFElXTwhxJUpNDU0CaUBB");
user_pref("browser.search.defaultenginename", "Default");
user_pref("browser.search.selectedEngine", "Default");

Added to C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com
- Avira SafeSearch Plus - %ProfilePath%\extensions\safesearchplus@avira.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
CA6755C23F8E96E1A237FFB6E1D08B76	- C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll -	Unity Player


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://www.google.com"
"Default_Search_URL"="hxxp://www.google.com"
"Search Page"="hxxp://www.google.com"
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data will be reset at reboot
C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal will be reset at reboot

==== shortcuts on Users Desktops ======================

C:\Users\Tower\Desktop\DUC (2).lnk - C:\Program Files (x86)\No-IP\DUC40.exe 
C:\Users\Tower\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Tower\Desktop\HearthstoneTracker.lnk - C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe 
C:\Users\Tower\Desktop\Open Broadcaster Software.lnk - C:\Program Files (x86)\OBS\OBS.exe 
C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk - C:\Users\Tower\Downloads\lib\[www.mpc-g.com]RcktLg105\Binaries\Win32\RocketLeague.exe 
C:\Users\Tower\Desktop\Uplay.lnk - D:\Program Files (x86)\Ubisoft Game Launcher\Uplay.exe 
C:\Users\Tower\Desktop\µTorrent.lnk -  

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Avira Launcher.lnk - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe /showMiniGui
C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe 
C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe 
C:\Users\Public\Desktop\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe 
C:\Users\Public\Desktop\FIFA 16.lnk - C:\BF4\FIFA 16\fifa16.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\Users\Public\Desktop\Minecraft.lnk - D:\Games\Minecraft\MinecraftLauncher.exe 
C:\Users\Public\Desktop\PDF Bearbeiten.lnk - C:\Program Files (x86)\PDFBearbeiten\splash.exe 
C:\Users\Public\Desktop\Titanfall.lnk - D:\Games\Titanfall\Titanfall.exe 
C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk - D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe 
C:\Users\Public\Desktop\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk - C:\MinGW\libexec\mingw-get\guimain.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battle.lnk - D:\Programme\Battle.net\Battle.net.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 64.lnk - C:\Program Files (x86)\IrfanView\i_view64.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk - C:\Users\Tower\AppData\Local\Microsoft\OneDrive\OneDrive.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Origin.lnk - D:\Origin\Origin.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam.lnk - D:\Programme\Steam\Steam.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uplay.lnk - D:\Ubisoft Game Launcher\Uplay.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CB Share Config.lnk - C:\Program Files (x86)\CodeBlocks\cb_share_config.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\Code Snippets.lnk - C:\Program Files (x86)\CodeBlocks\codesnippets.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CodeBlocks.lnk - C:\Program Files (x86)\CodeBlocks\codeblocks.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\Uninstall CodeBlocks.lnk - C:\Program Files (x86)\CodeBlocks\uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker\HearthstoneTracker.lnk - C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker\Uninstall.lnk - C:\Program Files (x86)\HearthstoneTracker\uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\MusicBee.lnk - D:\MusicBee\MusicBee.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\Uninstall MusicBee.lnk - D:\MusicBee\Uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\DUC.lnk - C:\Program Files (x86)\No-IP\DUC40.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\License.lnk - C:\Program Files (x86)\No-IP\License.txt 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\Uninstall.lnk - C:\Program Files (x86)\No-IP\Uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk - C:\Program Files (x86)\OBS\OBS.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk - C:\Program Files\OBS\OBS.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Uninstall.lnk - C:\Program Files (x86)\OBS\uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - D:\Programme\Steam\Steam.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk - D:\Program Files (x86)\Ubisoft Game Launcher\Uninstall.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk - D:\Program Files (x86)\Ubisoft Game Launcher\Uplay.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk - C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk - C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Uninstall Call of Duty(R) 4 - Modern Warfare(TM).lnk - C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\uninstall.exe -runfromtemp -l0x0409
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Call of Duty(R) 4 - Modern Warfare(TM) Manual.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\manual.pdf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Customer Support.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\Help\customer_support.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Readme.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\Help\readme.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Technical Help.lnk - C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\help.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk - C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe /showMiniGui
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus Hilfe.lnk - C:\Program Files (x86)\Avira\Antivirus\208\avwin.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus starten.lnk - C:\Program Files (x86)\Avira\Antivirus\avcenter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira im Internet.lnk - C:\Program Files (x86)\Avira\Antivirus\weblink.url 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4 Endbenutzer-Lizenzvertrag.lnk - C:\BF4\Battlefield 4\Support\eula\de_DE_eula.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4(64 bit).lnk - C:\BF4\Battlefield 4\BF4WebHelper.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4.lnk - C:\BF4\Battlefield 4\BF4X86WebHelper.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Kundendienst.lnk - C:\BF4\Battlefield 4\Support\EA Help\Kundendienst.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk - C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk - C:\Program Files (x86)\Cheat Engine 6.4\CheatEngine.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk - C:\WINDOWS\system32\notepad.exe C:\Program Files (x86)\Cheat Engine 6.4\main.lua
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk - C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk - C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk - C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CodeBlocks.lnk - C:\Program Files (x86)\CodeBlocks\codeblocks.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk - C:\Program Files\DAEMON Tools Lite\DTLauncher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk - C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16 Endbenutzer-Lizenzvertrag.lnk - C:\BF4\FIFA 16\Support\eula\de_DE_eula.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16.lnk - C:\BF4\FIFA 16\fifa16.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Kundendienst.lnk - C:\BF4\FIFA 16\Support\EA Help\Kundendienst.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Readme.lnk - C:\BF4\FIFA 16\Support\readme\readme.de.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab about
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe -tab update
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk - C:\Program Files (x86)\Java\jre7\bin\javacpl.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk - C:\WINDOWS\SysWOW64\msiexec.exe /i {38DAAEA7-903D-4FBF-A5D3-F7EB8F83782A} REMOVE=ALL
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe  /design 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk - C:\WINDOWS\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk - D:\Games\Minecraft\MinecraftLauncher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk - C:\Program Files (x86)\Notepad++\notepad++.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe /show
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk - C:\Program Files (x86)\Origin\OriginER.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk - C:\Program Files (x86)\Origin\Origin.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Creator.lnk - C:\Program Files (x86)\PDF24\pdf24-Creator.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Fax.lnk - C:\Program Files (x86)\PDF24\pdf24-Fax.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten entfernen.lnk - C:\Program Files (x86)\PDFBearbeiten\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten.lnk - C:\Program Files (x86)\PDFBearbeiten\splash.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk - C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe /removeonly
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Manager.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe -MManager
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Player.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Multimedia player.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Samsung PC Studio 3.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Uninstall Samsung PC Studio 3.lnk - C:\Program Files (x86)\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe /L000407 /removeonly Uninstall
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2 entfernen.lnk - D:\Program Files (x86)\Total War - SHOGUN 2\unins000.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2.lnk - D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\vegas130.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Liesmich.lnk - C:\Program Files (x86)\Sony\Vegas Pro 13.0\Readme\Vegas_readme_deu.htm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk - C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk - C:\Program Files (x86)\TeamSpeak 3 Client\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Kundendienst.lnk - D:\Games\Titanfall\Support\EA Help\Kundendienst.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall Endbenutzer-Lizenzvertrag.lnk - D:\Games\Titanfall\Support\eula\de_DE_eula.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall.lnk - D:\Games\Titanfall\Titanfall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Was ist neu.lnk - C:\Program Files (x86)\Winamp\whatsnew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Abgesicherter Modus).lnk - C:\Program Files (x86)\Winamp\winamp.exe /SAFE=1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp deinstallieren.lnk - C:\Program Files (x86)\Winamp\uninstwa.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.chm 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk - C:\Program Files (x86)\WinRAR\WhatsNew.txt 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????\???????.lnk -  
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\?????\?????.lnk -  

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CodeBlocks.lnk - C:\Program Files (x86)\CodeBlocks\codeblocks.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDF Bearbeiten.lnk - C:\Program Files (x86)\PDFBearbeiten\splash.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk - C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -  
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Smart Switch.lnk - C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GeForce Experience.lnk - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Open Broadcaster Software.lnk - C:\Program Files (x86)\OBS\OBS.exe 

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data" not found
"C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal" not found

==== EOF on 04.11.2015 at 14:31:12,20 ======================

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Tower (Administrator) auf TOWER-PC (04-11-2015 14:32:25)
Gestartet von C:\Users\Tower\Desktop
Geladene Profile: Tower (Verfügbare Profile: Tower)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\NCS2\WMIProv\ncs2prov.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Tower\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert]
FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert]

Chrome: 
=======
CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Avira
CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Avira Browser Safety) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-11-04]
CHR Extension: (Avira SafeSearch) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khjilmcjipkeokomeekfnhkpbnhmgaje [2015-11-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 14:31 - 2015-11-04 14:31 - 00032719 _____ C:\Users\Tower\Desktop\zoek-results.txt
2015-11-04 14:31 - 2015-11-04 14:31 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin
2015-11-04 14:30 - 2015-11-04 14:29 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-04 14:29 - 2015-11-04 14:31 - 00032719 _____ C:\zoek-results.log
2015-11-04 14:29 - 2015-11-04 14:29 - 00000000 ____D C:\zoek_backup
2015-11-04 14:28 - 2015-11-04 14:29 - 01309184 _____ C:\Users\Tower\Desktop\zoek.exe
2015-11-04 14:27 - 2015-11-04 14:27 - 00001286 _____ C:\Users\Tower\Desktop\JRT2.txt
2015-11-04 14:26 - 2015-11-04 14:26 - 00001286 _____ C:\Users\Tower\Desktop\JRT.txt
2015-11-04 14:23 - 2015-11-04 14:23 - 01798976 _____ (Malwarebytes) C:\Users\Tower\Desktop\JRT.exe
2015-11-04 14:21 - 2015-11-04 14:21 - 00001205 _____ C:\Users\Tower\Desktop\Malware bytes2.txt
2015-11-04 14:15 - 2015-11-04 14:15 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-04 14:15 - 2015-11-04 14:15 - 00003121 _____ C:\Users\Tower\Desktop\AdwCleaner[C1].txt
2015-11-04 14:09 - 2015-11-04 14:09 - 00000000 ____D C:\AdwCleaner
2015-11-04 14:07 - 2015-11-04 14:07 - 01708032 _____ C:\Users\Tower\Desktop\AdwCleaner_5.017.exe
2015-11-02 19:26 - 2015-11-02 19:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tower\Desktop\tdsskiller.exe
2015-11-02 19:20 - 2015-11-04 14:32 - 00019461 _____ C:\Users\Tower\Desktop\FRST.txt
2015-11-02 19:20 - 2015-11-02 19:20 - 00058113 _____ C:\Users\Tower\Desktop\Addition.txt
2015-11-02 19:19 - 2015-11-04 14:32 - 00000000 ____D C:\FRST
2015-11-02 19:19 - 2015-11-02 19:19 - 00061499 _____ C:\Users\Tower\Downloads\FRST.txt
2015-11-02 19:19 - 2015-11-02 19:19 - 00058113 _____ C:\Users\Tower\Downloads\Addition.txt
2015-11-02 19:18 - 2015-11-02 19:19 - 02198016 _____ (Farbar) C:\Users\Tower\Desktop\FRST64.exe
2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt
2015-11-02 15:24 - 2015-11-02 15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira
2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe
2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk
2015-11-02 14:05 - 2015-11-04 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt
2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe
2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso
2015-10-30 13:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 13:57 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 13:57 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 13:57 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 13:57 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 13:57 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 13:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 13:57 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 13:57 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 13:57 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 13:57 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 13:57 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 13:57 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 13:57 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 13:57 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 13:57 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 13:57 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 13:57 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 13:57 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 13:57 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 13:57 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 13:57 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 13:57 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 13:57 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 13:57 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 13:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 13:57 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 13:57 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 13:57 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 13:57 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 13:57 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 13:57 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 13:57 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 13:57 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini
2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02
2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother
2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp
2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe
2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner
2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip
2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED
2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent
2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0
2015-10-11 13:24 - 2015-10-11 13:24 - 00001072 _____ C:\Users\Tower\Desktop\DUC (2).lnk
2015-10-11 12:38 - 2015-11-04 14:31 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi
2015-10-11 12:37 - 2015-10-27 14:33 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-11 12:37 - 2015-10-11 12:37 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383(1).msi
2015-10-11 12:19 - 2015-10-11 13:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-10-11 12:19 - 2015-10-11 12:19 - 00241720 _____ C:\Users\Tower\Downloads\DUCSetup_v4_1_1.exe
2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Users\Tower\AppData\Local\Vitalwerks
2015-10-11 12:19 - 2015-10-11 12:19 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-10-11 12:03 - 2015-10-11 12:04 - 00000000 ____D C:\Users\Tower\Downloads\sd
2015-10-10 23:29 - 2015-10-16 11:44 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da
2015-10-10 23:29 - 2015-10-10 23:30 - 00000000 ____D C:\Users\Tower\Downloads\Neuer Ordner
2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn
2015-10-10 16:06 - 2015-10-10 16:06 - 00000000 ____D C:\ProgramData\LogMeIn
2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383.msi
2015-10-10 16:05 - 2015-10-10 16:06 - 08716288 _____ C:\Users\Tower\Downloads\hamachi220383 (1).msi
2015-10-10 15:38 - 2015-10-10 15:39 - 00000185 _____ C:\Users\Tower\Downloads\eula.txt
2015-10-10 15:38 - 2015-10-10 15:38 - 00000062 _____ C:\Users\Tower\Downloads\server.properties
2015-10-10 15:28 - 2015-10-10 15:38 - 08718628 _____ C:\Users\Tower\Downloads\minecraft_server.1.8.8.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 30984104 _____ (Oracle Corporation) C:\Users\Tower\Downloads\jre-7u60-windows-x64.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2015-10-10 14:45 - 2015-10-10 14:45 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-10-10 14:45 - 2015-10-10 14:45 - 00000702 _____ C:\Users\Public\Desktop\Titanfall.lnk
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Sun
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-10 14:45 - 2015-10-10 14:45 - 00000000 ____D C:\Program Files\Java
2015-10-10 13:38 - 2015-10-11 12:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\.minecraft
2015-10-10 13:38 - 2015-10-10 13:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\java
2015-10-10 13:37 - 2015-10-10 13:37 - 02314240 _____ C:\Users\Tower\Downloads\MinecraftInstaller.msi
2015-10-10 13:37 - 2015-10-10 13:37 - 00000728 _____ C:\Users\Public\Desktop\Minecraft.lnk
2015-10-10 13:37 - 2015-10-10 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-10-09 20:14 - 2015-10-09 20:14 - 00000000 ____D C:\Users\Tower\Documents\Rockstar Games
2015-10-09 20:13 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files\Rockstar Games
2015-10-09 20:12 - 2015-10-09 20:13 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files\MSBuild
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-09 20:11 - 2015-10-09 20:11 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-09 20:11 - 2015-06-17 17:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-09 20:11 - 2015-06-17 17:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 20:11 - 2015-06-17 17:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-09 20:11 - 2015-05-29 20:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-09 20:11 - 2015-05-29 20:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-09 20:11 - 2015-05-29 20:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-08 14:29 - 2015-10-08 14:30 - 00000000 ____D C:\Users\Tower\Documents\STAR WARS Battlefront Beta
2015-10-08 02:51 - 2015-10-08 03:06 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Teeworlds
2015-10-08 02:40 - 2015-10-08 02:41 - 39968152 _____ (Activision ) C:\Users\Tower\Downloads\CoD4MW-1.6-1.7-PatchSetup.exe
2015-10-08 02:40 - 2015-10-08 02:40 - 296330688 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.6-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:41 - 72328877 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:41 - 14544960 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.3-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 14532064 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.2-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 11167560 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.4-1.5mp-patchsetup.exe
2015-10-08 02:39 - 2015-10-08 02:40 - 11149280 _____ (Activision ) C:\Users\Tower\Downloads\cod4mw-1.1-patchsetup.exe
2015-10-08 00:16 - 2015-11-02 18:02 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET
2015-10-08 00:07 - 2015-10-08 00:07 - 00000823 _____ C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk
2015-10-08 00:07 - 2015-10-08 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-10-07 23:50 - 2015-10-07 23:50 - 00000000 ____D C:\Users\Tower\AppData\Local\Disc_Soft_Ltd
2015-10-07 23:44 - 2015-03-13 17:52 - 00015159 _____ C:\Users\Tower\Desktop\prophet.nfo
2015-10-07 23:43 - 2015-10-07 23:43 - 00000000 ____D C:\ProgramData\Steam
2015-10-07 21:43 - 2015-10-07 21:44 - 00000000 ____D C:\Users\Tower\AppData\Roaming\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-10-07 21:43 - 2015-10-07 21:43 - 00001814 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-10-07 21:43 - 2015-10-07 21:43 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller.exe
2015-10-07 21:42 - 2015-10-07 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\Tower\Downloads\DT101LiteInstaller (1).exe
2015-10-07 20:09 - 2015-10-07 20:24 - 00000000 ____D C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET
2015-10-07 20:08 - 2015-10-07 20:08 - 00044495 _____ C:\Users\Tower\Downloads\Total.War.SHOGUN.2.Complete-PROPHET-[rarbg.com].torrent
2015-10-07 19:54 - 2015-10-07 19:55 - 00008431 _____ C:\Users\Tower\Downloads\mpdata
2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk
2015-10-07 19:47 - 2015-10-07 19:47 - 00002030 _____ C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk
2015-10-07 19:47 - 2015-10-07 19:47 - 00000331 _____ C:\WINDOWS\game.ini
2015-10-07 19:47 - 2015-10-07 19:47 - 00000175 _____ C:\WINDOWS\DXError.log
2015-10-07 19:47 - 2015-10-07 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision
2015-10-07 19:46 - 2015-10-07 19:46 - 00000000 ____D C:\Program Files (x86)\Activision
2015-10-07 19:23 - 2015-10-13 15:29 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent
2015-10-07 19:23 - 2015-10-07 19:37 - 00000000 ____D C:\Users\Tower\Downloads\cod torrentti
2015-10-07 19:23 - 2015-10-07 19:23 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen (1).torrent
2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\Desktop\µTorrent.lnk
2015-10-07 19:22 - 2015-10-07 19:22 - 00002722 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2015-10-07 19:21 - 2015-10-13 22:23 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent
2015-10-07 19:21 - 2015-10-07 19:21 - 01822048 _____ (BitTorrent Inc.) C:\Users\Tower\Downloads\uTorrent.exe
2015-10-07 19:20 - 2015-10-07 19:20 - 00052707 _____ C:\Users\Tower\Downloads\[kat.cr]call.of.duty.4.full.crack.and.keygen.torrent
2015-10-06 17:55 - 2015-10-08 22:33 - 00002270 _____ C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 14:31 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-04 14:31 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-04 14:31 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-04 14:31 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-04 14:30 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-04 14:30 - 2015-08-12 11:19 - 00193510 _____ C:\WINDOWS\PFRO.log
2015-11-04 14:30 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-04 14:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-04 14:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-04 14:18 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-04 14:18 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-04 14:18 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-04 14:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-04 11:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-04 11:58 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0}
2015-11-04 11:56 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe
2015-11-02 21:31 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client
2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-01 19:26 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3
2015-11-01 17:17 - 2015-08-24 19:09 - 00011217 _____ C:\WINDOWS\setupact.log
2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive
2015-11-01 16:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 14:03 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net
2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-25 22:39 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower
2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log
2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games
2015-10-16 11:55 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db
2015-10-16 04:10 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 15:45 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 15:43 - 2015-08-12 08:21 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-10 19:04 - 2015-08-16 14:18 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-10-10 19:04 - 2015-08-16 14:18 - 00214392 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-10-10 14:09 - 2015-08-29 15:08 - 00000000 ____D C:\BF4
2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-09 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-08 11:50 - 2015-08-12 11:36 - 00000000 ____D C:\Users\Tower\AppData\Local\Steam
2015-10-08 01:32 - 2015-08-12 07:57 - 00000000 ____D C:\Users\Tower\AppData\Local\VirtualStore
2015-10-07 19:57 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\sounds
2015-10-06 20:16 - 2015-09-04 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\OBS
2015-10-06 17:31 - 2013-11-15 03:30 - 00000000 ____D C:\Users\Tower\Downloads\lib

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll
2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Tower\AppData\Local\Temp\avgnt.exe
C:\Users\Tower\AppData\Local\Temp\bitool.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-1231831953736236263.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-2147131273227054406.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3088701552036717022.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-3886152149526835255.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-5515511938404337857.dll
C:\Users\Tower\AppData\Local\Temp\jansi-64-git-Bukkit-12698ea-7782766279733068079.dll
C:\Users\Tower\AppData\Local\Temp\msvcp90.dll
C:\Users\Tower\AppData\Local\Temp\msvcr90.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tower\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Tower\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-28 17:50

==================== Ende von FRST.txt ============================

--- --- ---

Redgrieve · 04.11.2015, 14:49

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Tower (2015-11-04 14:33:04)
Gestartet von C:\Users\Tower\Desktop
Windows 10 Home (X64) (2015-08-12 10:25:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled)
Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled)
Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Reloaded Games)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version:  - hxxp://www.PDFBearbeiten.net)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Teeworlds (HKLM-x32\...\Steam App 380840) (Version:  - Teeworlds Team)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version:  - )
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

20-10-2015 15:45:51 Windows Update
24-10-2015 02:41:09 DirectX wurde installiert
27-10-2015 14:53:02 Installiert Brother Software Suite
04-11-2015 14:25:03 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-11-04 14:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 
127.0.0.1       localhost 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AC4A6034-9A87-49DA-9CD9-E5E4EC53DFB6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-08-12 11:20 - 2015-11-04 14:30 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{8B9E0380-799D-4102-A481-C34A283A2584}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{B7631C0D-93B7-44D9-ACA3-5D5F47FEA85E}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead

Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 Tower-PC.local. Addr 192.168.0.10

Error: (11/04/2015 02:30:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 Tower-PC.local. AAAA 2A02:810D:29BF:ED58:F01C:688F:9F5C:8E46

Error: (11/04/2015 02:25:04 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead

Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 Tower-PC.local. Addr 192.168.0.10

Error: (11/04/2015 11:55:47 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 Tower-PC.local. AAAA 2A02:810D:29BF:ED58:F01C:688F:9F5C:8E46

Error: (11/02/2015 04:45:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd
Name des fehlerhaften Moduls: avscan.exe, Version: 15.0.13.202, Zeitstempel: 0x55e5b9fd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00043612
ID des fehlerhaften Prozesses: 0x17e0
Startzeit der fehlerhaften Anwendung: 0xavscan.exe0
Pfad der fehlerhaften Anwendung: avscan.exe1
Pfad des fehlerhaften Moduls: avscan.exe2
Berichtskennung: avscan.exe3
Vollständiger Name des fehlerhaften Pakets: avscan.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5

Error: (11/01/2015 11:43:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/01/2015 11:17:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TOWER-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (11/04/2015 02:30:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\StarOpen.SYS

Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 02:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2015 02:25:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2015 02:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/04/2015 02:25:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-11-01 21:33:39.326
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 21:33:39.318
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 18:41:14.353
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 18:41:14.345
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 17:24:20.935
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 17:24:20.924
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-01 16:37:41.302
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-29 19:26:56.311
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-28 17:50:46.255
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-10-26 18:56:55.660
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16326.53 MB
Verfügbarer physikalischer RAM: 13277 MB
Summe virtueller Speicher: 18758.53 MB
Verfügbarer virtueller Speicher: 15075.54 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.1 GB) (Free:54.65 GB) NTFS
Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1059.53 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Ich hoffe jetzt habe ich alles richtig gemacht >.>
Das Problem besteht weiterhin.
Dankesehr

M-K-D-B · 05.11.2015, 13:15

Servus,

in welchem Browser tritt das Problem aktuell auf?

Starte FRST erneut. Kopiere den Inhalt der folgenden Code-Box oben in die Zeile:
Code:
ATTFilter
```
akamaihd;results hub;resultshub;
         
```
Drücke auf Registry-Suche.
FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
Am Ende erstellt FRST eine Textdatei Search.txt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

Redgrieve · 10.11.2015, 15:51

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Tower (2015-11-07 02:02:48)
Gestartet von C:\Users\Tower\Desktop
Start-Modus: Normal

================== Registry-Suche: "akamaihd;results hub;resultshub" ===========


===================== Suchergebnis für "akamaihd" ==========

[HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs]
"url1"="hxxp://192.168.0.1/index.html?zteRurl=searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggSJAkKV11EEhgbJAwOTA1BFwQOIlsPAxRDFgcWIwEMU19AEFQFIk0FA1oDB0VXfVtUBlpXTwhxJUpNDU0CaUBB?zteRurl=#home"

===================== Suchergebnis für "resultshub" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}]
"LocalService"="Service Mgr ResultsHub"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}]
"LocalService"="Service Mgr ResultsHub"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}]
"LocalService"="Service Mgr ResultsHub"

====== Ende von Suche ======

Das Problem tritt in Chrome, Mozilla und im Internet Explorer auf. Andere Browser nutze ich nicht.

M-K-D-B · 10.11.2015, 16:57

Servus,

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 0
Starte AdwCleaner, das Programm wird dir einen Hinweis geben, dass eine neue Version verfügbar ist. Klicke auf Ok und lade dir die neuste Version herunter.
Führe AdwCleaner nochmals aus (Suchen > Löschen) und poste mir die neue Logdatei.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
CMD: reg delete "HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /f 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Downloade dir ZHPCleaner auf deinen Desktop.

Schließe alle Internetbrowser.
Starte die ZHPCleaner.exe
Klicke auf Scanner und warte bis der Suchlauf abgeschlossen ist.
Klicke auf Bericht, eine Logdatei namens ZHPCleaner.txt wird sich öffnen.
Poste mir den Inhalt der Logdatei mit deiner nächsten Antwort.
Klicke auf Beenden, um ZHPCleaner zu schließen.

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ZHPCleaner,
die Logdatei von HitmanPro,
die Logdatei von ESET.

Redgrieve · 11.11.2015, 15:28

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v5.019 - Bericht erstellt am 11/11/2015 um 13:53:30
# Aktualisiert am 08/11/2015 von Xplode
# Datenbank : 2015-11-09.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Tower - TOWER-PC
# Gestartet von : C:\Users\Tower\Desktop\adwcleaner_5.019.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [616 Bytes] ##########

--- --- ---

[/CODE]

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Tower (2015-11-11 13:56:12) Run:1
Gestartet von C:\Users\Tower\Desktop
Geladene Profile: Tower (Verfügbare Profile: Tower)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
Task: {0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3103A7F7-47E1-45AA-BB56-31DEE52C63F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {37EADF21-3C7F-48E8-8C9C-4445B3436696} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3CD9976C-156F-4F90-81D0-1E6EE8B7089D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {405A312C-32D4-4C21-A517-8611DDF46B42} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {482CCEFB-1C55-48DE-8049-C553467578E1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5FD55ECE-FA49-4715-AD46-B307532B1748} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {67044DCA-FB30-4576-96AB-C6094527DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {9D3219E3-DCAD-435B-8E70-8C706263AD67} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {C7D86003-6247-4CAE-B201-7FE1E63430B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC} - \AutoKMS -> Keine Datei <==== ACHTUNG
Task: {D277D2C2-149D-4398-94F0-E54DAE68B6D2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2}
CMD: reg delete "HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /f 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0EF7F484-A2A1-4CCB-BC4F-1BEBAA7C1EFB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3103A7F7-47E1-45AA-BB56-31DEE52C63F0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3103A7F7-47E1-45AA-BB56-31DEE52C63F0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37EADF21-3C7F-48E8-8C9C-4445B3436696}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37EADF21-3C7F-48E8-8C9C-4445B3436696}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3CD9976C-156F-4F90-81D0-1E6EE8B7089D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CD9976C-156F-4F90-81D0-1E6EE8B7089D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{405A312C-32D4-4C21-A517-8611DDF46B42}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{405A312C-32D4-4C21-A517-8611DDF46B42}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{482CCEFB-1C55-48DE-8049-C553467578E1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{482CCEFB-1C55-48DE-8049-C553467578E1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FD55ECE-FA49-4715-AD46-B307532B1748}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FD55ECE-FA49-4715-AD46-B307532B1748}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{67044DCA-FB30-4576-96AB-C6094527DB3F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{67044DCA-FB30-4576-96AB-C6094527DB3F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9D3219E3-DCAD-435B-8E70-8C706263AD67}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D3219E3-DCAD-435B-8E70-8C706263AD67}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C7D86003-6247-4CAE-B201-7FE1E63430B3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C7D86003-6247-4CAE-B201-7FE1E63430B3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEBABB8A-00EE-4F46-8DC1-9EFB8B2FC8FC}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D277D2C2-149D-4398-94F0-E54DAE68B6D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D277D2C2-149D-4398-94F0-E54DAE68B6D2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{112732dc-ea3d-4d9d-bb68-652be21810c2} => Schlüssel erfolgreich entfernt

=========  reg delete "HKEY_USERS\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Internet Explorer\TypedURLs" /v url1 /f =========

Der Vorgang wurde erfolgreich beendet.


========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 1.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 13:57:16 ====

Habe hier jetzt nicht auf Reparatur geklickt:

Code:

ATTFilter

~ ZHPCleaner v2015.11.11.376 by Nicolas Coolman (2015/11/11)
~ Run by Tower (Administrator)  (11/11/2015 14:05:22)
~ Site : hxxp://www.nicolascoolman.fr
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Scanner
~ Report : C:\Users\Tower\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Tower\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 10 Home, 64-bit  (Build 10240)


---\\ Dienst. (0)
~ Alle bösartigen oder unnötige Element gefunden.


---\\ Browser. (0)
~ Alle bösartigen oder unnötige Element gefunden.


---\\ Datei Host. (2)
GEFUNDEN:  
~ Anzahl der Weiterleitungen gefunden1/20


---\\ Geplante Tasks (0)
~ Alle bösartigen oder unnötige Element gefunden.


---\\ Explorer (Ordner, Dateien). (18)
GEFUNDEN Datei: C:\Windows\AutoKMS\AutoKMS.log    =>HackTool.AutoKMS
GEFUNDEN Datei: C:\ProgramData\Microsoft Toolkit\Settings.xml    =>HackTool.AutoKMS
GEFUNDEN Ordner: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
GEFUNDEN Ordner: C:\WINDOWS\AutoKMS  =>HackTool.AutoKMS
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE1AE.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE328.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE3C9.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE457.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE4D5.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE582.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE6AC.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE739.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIE7B7.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIECA1.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIED2F.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEDAD.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEE2B.tmp-  =>Empty
GEFUNDEN Ordner: C:\WINDOWS\Installer\MSIEE9A.tmp-  =>Empty


---\\ Registrierung (Schlüssel, Werte, Daten). (0)
~ Alle bösartigen oder unnötige Element gefunden.


---\\Reparieren Check
~ keine Reparaturen.
~ dieser Browser fehlt (Google Chrome)
~ dieser Browser fehlt (Opera Software)


---\\Statistiken
~ Elemente gescannt : 95099
~ Einträge gefunden : 21
~ Elemente abgesagt : 0
~ Elemente repariert : 0


~ End of search in 2 minutes
===================
ZHPCleaner-[S]-11112015-14_08_13.txt

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.10.251
www.hitmanpro.com

   Computer name . . . . : TOWER-PC
   Windows . . . . . . . : 10.0.0.10240.X64/8
   User name . . . . . . : TOWER-PC\Tower
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-11-11 14:12:43
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 9s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 4

   Objects scanned . . . : 1.643.028
   Files scanned . . . . : 33.687
   Remnants scanned  . . : 385.709 files / 1.223.632 keys

Suspicious files ____________________________________________________________

   C:\Users\Tower\AppData\Local\PunkBuster\BF4\pb\PnkBstrK.sys
      Size . . . . . . . : 138.648 bytes
      Age  . . . . . . . : 73.9 days (2015-08-29 16:27:23)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : DE86A451D282866613EE18CF668C2E962ABCB09FA51F7FF0C98405418A19EA81
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Tower\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.198.016 bytes
      Age  . . . . . . . : 8.8 days (2015-11-02 19:18:45)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B8D2E195C330C6F28CD427557166AD564BE59D17BF15CA204BB4333F76D41713
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Tower\Desktop\FRST64.exe
      Size . . . . . . . : 2.198.528 bytes
      Age  . . . . . . . : 4.5 days (2015-11-07 02:01:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D33E591C587FD3A772D55ED7718564DA16237D74FE6C5D108EA6611BDAA35A6F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -3.0s C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\revocations.txt
         -2.8s C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\webapps\webapps.json
         -2.8s C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\sessionCheckpoints.json
         -0.6s C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCookies\B1NZ7BA8.txt
         -0.6s C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCookies\U90RTJKN.txt
         -0.6s C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCache\IE\9UETXOOA\82[1].htm
         -0.0s C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCache\IE\9UETXOOA\FRST64[1].exe
          0.0s C:\Users\Tower\Desktop\FRST64.exe
          6.8s C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\prefs.js
          6.9s C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\xulstore.json
          7.5s C:\Users\Tower\Desktop\FRST-OlderVersion\

   C:\Users\Tower\Desktop\PROPHET\Shogun2.exe
      Size . . . . . . . : 293.488 bytes
      Age  . . . . . . . : 34.6 days (2015-10-08 00:16:32)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : C97D924F65DBC7AE5214001F561E36034493C77809367EF1187F0D7960B42F4E
      Product  . . . . . : Total War: SHOGUN 2
      Publisher  . . . . : The Creative Assembly Ltd
      Description  . . . : Total War: SHOGUN 2
      Version  . . . . . : 1.1.0.0
      RSA Key Size . . . : 2048
      LanguageID . . . . : 2057
      Authenticode . . . : Invalid
      Fuzzy  . . . . . . : 28.0
         Program is altered or corrupted since it was code signed by its author. This is typical for malware and pirated software.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1e31a1de79a9f34380d75ebec5d196f2
# end=init
# utc_time=2015-11-11 01:16:25
# local_time=2015-11-11 02:16:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26674
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1e31a1de79a9f34380d75ebec5d196f2
# end=updated
# utc_time=2015-11-11 01:18:25
# local_time=2015-11-11 02:18:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1e31a1de79a9f34380d75ebec5d196f2
# engine=26674
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-11 02:26:43
# local_time=2015-11-11 03:26:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 11596 10726015 0 0
# scanned=342301
# found=1
# cleaned=0
# scan_time=4098
sh=6D8DEB6A0C5052D5C2DE108B4DD18103F8561432 ft=1 fh=d429baf8742ea515 vn="Win32/Somoto.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Tower\AppData\Local\Microsoft\Windows\INetCache\IE\V7KE23AR\BiTool[1].dll"

M-K-D-B · 11.11.2015, 16:06

Servus,

Downloade dir bitte Shortcut Cleaner (by Grinler) auf deinen Desktop.

Starte die sc-cleaner.exe mit einem Doppelclick.
Bestätige die Meldung Shortcut Cleaner Finished am Ende des Suchlaufs mit Ok.
Eine Logdatei wird sich öffnen (sc-cleaner.txt).
Poste den Inhalt mit deiner nächsten Antwort.

Gib mir Bescheid, ob sich danach immer noch Tabs mit "akamaihd" öffnen.

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und vor Shortcut.txt drücke auf Untersuchen.
FRST erstellt drei Logdateien (FRST.txt, Addition.txt und Shortcut.txt).
Poste mir alle drei Logdateien mit deiner nächsten Antwort.

Redgrieve · 11.11.2015, 17:57

Code:

ATTFilter

Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 10 Home 
Program started at: 11/11/2015 05:53:29 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\Tower\Desktop\

Searching C:\Users\Public\Desktop\


0 bad shortcuts found.

Program finished at: 11/11/2015 05:53:30 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
durchgeführt von Tower (Administrator) auf TOWER-PC (11-11-2015 17:54:41)
Gestartet von C:\Users\Tower\Desktop
Geladene Profile: Tower (Verfügbare Profile: Tower)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
() C:\Users\Tower\Desktop\ZHPCleaner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programme\Steam\Steam.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ipmgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Programme\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-10-26] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-05] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [cloudmusic] => C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe [356720 2015-08-20] (NetEase)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-10-27] (Electronic Arts)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\MountPoints2: {b3db381f-6cef-11e5-8288-1c872c435803} - "H:\setup.exe" 
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{19d1f25f-d8ef-4596-925b-0d54695feb79}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{248c2f9a-a959-44e0-89c4-fb5feece3233}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.asus.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-10] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-10] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-10] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2297507985-1758812650-2133870427-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tower\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\abs@avira.com [2015-11-02] [ist nicht signiert]
FF Extension: Avira SafeSearch Plus - C:\Users\Tower\AppData\Roaming\Mozilla\Firefox\Profiles\8u3oaoxn.default\Extensions\safesearchplus@avira.com [2015-11-02] [ist nicht signiert]

Chrome: 
=======
CHR DefaultSearchURL: Profile 1 -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> Avira
CHR DefaultSuggestURL: Profile 1 -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Default
CHR Profile: C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Drive) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (Adblock Plus) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tower\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-10-26] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099208 2015-10-27] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2015-08-29] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2015-08-29] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S3 athur; C:\Windows\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-05] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-07] (Disc Soft Ltd)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-08-25] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 17:53 - 2015-11-11 17:53 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\Tower\Downloads\sc-cleaner.exe
2015-11-11 17:53 - 2015-11-11 17:53 - 00001832 _____ C:\Users\Tower\Desktop\sc-cleaner.txt
2015-11-11 17:48 - 2015-11-11 17:48 - 00016148 _____ C:\WINDOWS\system32\TOWER-PC_Tower_HistoryPrediction.bin
2015-11-11 14:16 - 2015-11-11 14:16 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-11 14:15 - 2015-11-11 14:16 - 02870984 _____ (ESET) C:\Users\Tower\Downloads\esetsmartinstaller_deu.exe
2015-11-11 14:14 - 2015-11-11 14:14 - 00011014 _____ C:\Users\Tower\Desktop\HitmanPro_20151111_1414.log
2015-11-11 14:12 - 2015-11-11 14:14 - 00000000 ____D C:\ProgramData\HitmanPro
2015-11-11 14:10 - 2015-11-11 14:12 - 11337112 _____ (SurfRight B.V.) C:\Users\Tower\Desktop\HitmanPro_x64.exe
2015-11-11 14:04 - 2015-11-11 14:08 - 00000000 ____D C:\Users\Tower\AppData\Roaming\ZHP
2015-11-11 14:04 - 2015-11-11 14:05 - 00000913 _____ C:\Users\Tower\Desktop\ZHPCleaner.lnk
2015-11-11 14:03 - 2015-11-11 14:04 - 01875968 _____ C:\Users\Tower\Desktop\ZHPCleaner.exe
2015-11-11 13:51 - 2015-11-11 13:53 - 01712128 _____ C:\Users\Tower\Desktop\adwcleaner_5.019.exe
2015-11-11 13:15 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 13:15 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 13:15 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 13:15 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 13:15 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 13:15 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 13:15 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 13:15 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 13:15 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 13:15 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 13:15 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 13:15 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 13:15 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 13:15 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 13:15 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 13:14 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 13:14 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 13:14 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 13:14 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 13:14 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 13:14 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 13:14 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 13:14 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 13:14 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 13:14 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 13:14 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 13:14 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 13:14 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 13:14 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 13:14 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 13:14 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 13:14 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 13:14 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 13:14 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 13:14 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 13:14 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 13:14 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 13:14 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 13:14 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 13:14 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 13:14 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 13:14 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 13:14 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 13:14 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 13:14 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 13:14 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 13:14 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 13:14 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 13:14 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 13:14 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 13:14 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 10919784 _____ C:\WINDOWS\SysWOW64\LogiDPP.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 10919784 _____ C:\WINDOWS\system32\LogiDPP.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 04758176 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvuvc64.sys
2015-11-10 15:48 - 2015-11-10 15:48 - 00768288 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUI64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00560416 _____ (Logitech Inc.) C:\WINDOWS\system32\LVUIRC64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00542568 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00538472 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\LVUI2RC.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00351520 _____ (Logitech Inc.) C:\WINDOWS\system32\Drivers\lvrs64.sys
2015-11-10 15:48 - 2015-11-10 15:48 - 00336232 _____ C:\WINDOWS\SysWOW64\DevManagerCore.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00336232 _____ C:\WINDOWS\system32\DevManagerCore.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00305000 _____ (Logitech Inc.) C:\WINDOWS\SysWOW64\lvcodec2.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00266828 _____ C:\WINDOWS\system32\Drivers\LVAFT.cfg
2015-11-10 15:48 - 2015-11-10 15:48 - 00262432 _____ (Logitech Inc.) C:\WINDOWS\system32\lvco1380853.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00175392 _____ (Logitech Inc.) C:\WINDOWS\system32\lvcod64.dll
2015-11-10 15:48 - 2015-11-10 15:48 - 00103272 _____ C:\WINDOWS\SysWOW64\LogiDPPApp.exe
2015-11-10 15:48 - 2015-11-10 15:48 - 00103272 _____ C:\WINDOWS\system32\LogiDPPApp.exe
2015-11-10 15:48 - 2015-11-10 15:48 - 00040398 _____ C:\WINDOWS\system32\Repository.reg
2015-11-10 15:48 - 2015-11-10 15:48 - 00029494 _____ C:\WINDOWS\system32\lvcoin64.ini
2015-11-10 15:48 - 2015-11-10 15:48 - 00006943 _____ C:\WINDOWS\system32\lvcoinst.log
2015-11-10 15:48 - 2015-11-10 15:48 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-11-08 22:47 - 2015-11-08 22:47 - 00000000 ____D C:\Users\Tower\AppData\Roaming\aacs
2015-11-08 22:13 - 2015-11-08 22:13 - 00000000 ____D C:\Users\Tower\AppData\Roaming\dvdcss
2015-11-08 22:12 - 2015-11-08 22:13 - 00000000 ____D C:\Users\Tower\AppData\Local\Cyberlink
2015-11-08 22:04 - 2015-11-08 22:12 - 00000000 ____D C:\Users\Tower\Documents\CyberLink
2015-11-08 22:04 - 2015-11-08 22:04 - 00000000 ____D C:\Users\Tower\AppData\Roaming\CyberLink
2015-11-08 22:03 - 2015-11-08 22:48 - 00000000 ____D C:\ProgramData\CyberLink
2015-11-07 02:45 - 2015-11-07 02:45 - 00001123 _____ C:\Users\Tower\Desktop\Dasposten.txt
2015-11-07 02:02 - 2015-11-07 02:02 - 00001123 _____ C:\Users\Tower\Desktop\Search.txt
2015-11-07 02:01 - 2015-11-07 02:01 - 00000000 ____D C:\Users\Tower\Desktop\FRST-OlderVersion
2015-11-07 00:18 - 2015-11-07 00:18 - 00000000 ____D C:\Users\Tower\AppData\Local\NetworkTiles
2015-11-07 00:12 - 2013-11-20 12:43 - 02702336 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athuwbx.sys
2015-11-07 00:11 - 2015-11-07 00:08 - 07368965 _____ C:\Users\Tower\Desktop\TL-WN721N_V1_140915.zip
2015-11-04 14:31 - 2015-11-04 14:31 - 00032719 _____ C:\Users\Tower\Desktop\zoek-results.txt
2015-11-04 14:30 - 2015-11-04 14:29 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-11-04 14:29 - 2015-11-04 14:31 - 00032719 _____ C:\zoek-results.log
2015-11-04 14:29 - 2015-11-04 14:29 - 00000000 ____D C:\zoek_backup
2015-11-04 14:28 - 2015-11-04 14:29 - 01309184 _____ C:\Users\Tower\Desktop\zoek.exe
2015-11-04 14:27 - 2015-11-04 14:27 - 00001286 _____ C:\Users\Tower\Desktop\JRT2.txt
2015-11-04 14:26 - 2015-11-04 14:26 - 00001286 _____ C:\Users\Tower\Desktop\JRT.txt
2015-11-04 14:23 - 2015-11-04 14:23 - 01798976 _____ (Malwarebytes) C:\Users\Tower\Desktop\JRT.exe
2015-11-04 14:21 - 2015-11-04 14:21 - 00001205 _____ C:\Users\Tower\Desktop\Malware bytes2.txt
2015-11-04 14:15 - 2015-11-04 14:15 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-04 14:15 - 2015-11-04 14:15 - 00003121 _____ C:\Users\Tower\Desktop\AdwCleaner[C1].txt
2015-11-04 14:09 - 2015-11-11 13:53 - 00000000 ____D C:\AdwCleaner
2015-11-02 19:26 - 2015-11-02 19:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tower\Desktop\tdsskiller.exe
2015-11-02 19:20 - 2015-11-11 17:54 - 00020691 _____ C:\Users\Tower\Desktop\FRST.txt
2015-11-02 19:20 - 2015-11-04 14:33 - 00051512 _____ C:\Users\Tower\Desktop\Addition.txt
2015-11-02 19:19 - 2015-11-11 17:54 - 00000000 ____D C:\FRST
2015-11-02 19:19 - 2015-11-02 19:19 - 00061499 _____ C:\Users\Tower\Downloads\FRST.txt
2015-11-02 19:19 - 2015-11-02 19:19 - 00058113 _____ C:\Users\Tower\Downloads\Addition.txt
2015-11-02 19:18 - 2015-11-07 02:01 - 02198528 _____ (Farbar) C:\Users\Tower\Desktop\FRST64.exe
2015-11-02 18:23 - 2015-11-02 18:23 - 00001356 _____ C:\Users\Tower\Desktop\malware bytes.txt
2015-11-02 15:24 - 2015-11-02 15:24 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Avira
2015-11-02 15:22 - 2015-10-05 15:51 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-02 15:22 - 2015-10-05 15:51 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\ProgramData\Avira
2015-11-02 15:21 - 2015-11-02 15:22 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-02 15:21 - 2015-11-02 15:21 - 00001287 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-02 15:20 - 2015-11-02 15:21 - 04577440 _____ (Avira Operations GmbH & Co. KG) C:\Users\Tower\Downloads\avira_de_av_563771342a8bc__ws.exe
2015-11-02 15:17 - 2015-11-02 15:17 - 00002336 _____ C:\Users\Tower\Desktop\Google Chrome.lnk
2015-11-02 14:05 - 2015-11-04 14:16 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-02 14:05 - 2015-11-02 14:05 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-02 14:05 - 2015-11-02 14:05 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-02 14:05 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-02 14:05 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-02 14:04 - 2015-11-02 14:04 - 22908888 _____ (Malwarebytes ) C:\Users\Tower\Downloads\mbam-setup-org-2.2.0.1024.exe
2015-11-01 18:36 - 2015-11-01 18:36 - 00000000 _____ C:\Users\Tower\Desktop\Neues Textdokument (2).txt
2015-11-01 17:27 - 2015-11-01 17:27 - 01088437 _____ (pendrivelinux.com) C:\Users\Tower\Downloads\Universal-USB-Installer-1.9.6.2.exe
2015-11-01 17:19 - 2015-11-01 17:20 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Tower\Downloads\LinuxLive_USB_Creator_2.9.4.exe
2015-11-01 17:02 - 2015-11-01 17:04 - 1178386432 _____ C:\Users\Tower\Downloads\ubuntu-15.10-desktop-amd64.iso
2015-10-27 14:54 - 2015-10-27 14:54 - 00000000 ____D C:\Users\Public\Documents\BrFaxRx
2015-10-27 14:53 - 2015-10-27 14:58 - 00000009 _____ C:\WINDOWS\Brfaxrx.ini
2015-10-27 14:53 - 2015-10-27 14:58 - 00000000 ____D C:\Program Files (x86)\Brother
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\PCFaxTx
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\ProgramData\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2015-10-27 14:53 - 2015-10-27 14:53 - 00000000 ____D C:\Program Files (x86)\Browny02
2015-10-27 14:53 - 2013-01-10 13:56 - 00253952 ____N (brother) C:\WINDOWS\SysWOW64\NSSearch.dll
2015-10-27 14:53 - 2012-12-12 11:37 - 00318464 ____N (Brother Industries, Ltd.) C:\WINDOWS\system32\BrFaxTxAppRun64.dll
2015-10-27 14:53 - 2012-10-22 14:41 - 00002560 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2S.dll
2015-10-27 14:53 - 2010-09-29 17:07 - 00180224 ____N (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BroSNMP.dll
2015-10-27 14:53 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2.dll
2015-10-27 14:53 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\WINDOWS\SysWOW64\BrDctF2L.dll
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\Downloads\install
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\Users\Tower\AppData\Roaming\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\InstallShield
2015-10-27 14:52 - 2015-10-27 14:52 - 00000000 ____D C:\ProgramData\Brother
2015-10-27 14:45 - 2015-10-27 14:52 - 151108968 _____ (A.I.SOFT,INC.) C:\Users\Tower\Downloads\MFC-J470DW-inst-A1-OCE.EXE
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-10-27 14:33 - 2015-10-27 14:33 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-10-25 20:35 - 2015-10-25 20:35 - 00001052 _____ C:\Users\Public\Desktop\Winamp.lnk
2015-10-25 20:35 - 2015-10-25 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2015-10-25 20:34 - 2015-10-25 22:38 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Winamp
2015-10-25 20:34 - 2015-10-25 20:35 - 00000000 ____D C:\Program Files (x86)\Winamp
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516.exe
2015-10-25 20:34 - 2015-10-25 20:34 - 12855384 _____ (Nullsoft, Inc.) C:\Users\Tower\Downloads\winamp5666_full_de-de_b3516 (1).exe
2015-10-25 20:11 - 2015-10-25 20:37 - 00000000 ____D C:\Users\Tower\Desktop\Neuer Ordner
2015-10-24 13:43 - 2015-10-24 13:43 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2015-10-24 13:43 - 2015-10-24 13:43 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2015-10-19 16:20 - 2015-10-25 16:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-16 10:01 - 2015-10-16 10:05 - 1671288950 _____ C:\Users\Tower\Downloads\jc3_trailer_kit.zip
2015-10-14 15:31 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 15:31 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 15:31 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 15:31 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 15:31 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 15:31 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 15:31 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 15:31 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 15:31 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 15:31 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 15:31 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 15:31 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 15:31 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 15:31 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 15:31 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 15:31 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 15:31 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 15:31 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 15:31 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 15:31 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 15:30 - 2015-10-13 15:35 - 00000000 ____D C:\Users\Tower\Downloads\Dead.Island-RELOADED
2015-10-13 15:29 - 2015-10-13 15:29 - 00019890 _____ C:\Users\Tower\Downloads\Dead.Island.Game.of.The.Year.Edition.PC.+.DLCs.^^nosTEAM^^.torrent
2015-10-12 20:11 - 2015-10-12 20:11 - 00537000 _____ () C:\Users\Tower\Downloads\MW2 RepZ Setup.exe
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Deployment
2015-10-12 20:11 - 2015-10-12 20:11 - 00000000 ____D C:\Users\Tower\AppData\Local\Apps\2.0

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-11 17:43 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-11 17:38 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\The Witcher 3
2015-11-11 17:11 - 2015-08-12 10:56 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-11 17:01 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-11 14:22 - 2015-08-12 08:21 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-11 14:21 - 2015-08-12 08:21 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 14:06 - 2015-08-12 08:07 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B0ABBCD9-80EF-444C-B833-51C5C9291BB0}
2015-11-11 14:04 - 2015-08-12 11:27 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-11 14:04 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-11 14:04 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-11 14:01 - 2015-10-11 12:38 - 00000000 ____D C:\Users\Tower\AppData\Local\LogMeIn Hamachi
2015-11-11 14:01 - 2015-08-15 23:47 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-11 14:01 - 2015-08-15 17:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-11 14:01 - 2015-08-12 21:04 - 00477184 ___SH C:\Users\Tower\Desktop\Thumbs.db
2015-11-11 14:01 - 2015-08-12 10:56 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-11 13:58 - 2015-08-12 11:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-11 13:58 - 2015-08-12 11:19 - 00194264 _____ C:\WINDOWS\PFRO.log
2015-11-11 13:58 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-11 13:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-11 13:57 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 13:56 - 2015-09-02 11:13 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\Temp
2015-11-11 13:28 - 2015-08-15 23:44 - 00000000 ____D C:\Users\Tower\AppData\Local\Adobe
2015-11-11 13:19 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 22:01 - 2015-08-23 12:50 - 00000000 ____D C:\Users\Tower\AppData\Roaming\TS3Client
2015-11-10 19:33 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-10 15:48 - 2015-08-24 19:09 - 00013119 _____ C:\WINDOWS\setupact.log
2015-11-08 22:48 - 2015-08-12 11:33 - 00000000 ____D C:\Users\Tower\AppData\Roaming\vlc
2015-11-08 22:01 - 2015-08-12 11:21 - 00000000 ____D C:\Users\Tower
2015-11-07 00:39 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-03 19:20 - 2015-07-10 12:06 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 18:02 - 2015-10-08 00:16 - 00000000 ____D C:\Users\Tower\Desktop\PROPHET
2015-11-02 15:21 - 2015-08-12 13:07 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-01 16:55 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-01 16:39 - 2015-08-12 11:27 - 00002396 _____ C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-01 16:39 - 2015-08-12 08:35 - 00000000 ___RD C:\Users\Tower\OneDrive
2015-10-29 18:45 - 2015-08-12 10:03 - 00000000 ____D C:\Users\Tower\AppData\Local\Battle.net
2015-10-27 14:53 - 2015-08-24 15:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-10-27 14:36 - 2015-08-23 12:50 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-10-27 14:35 - 2015-08-16 19:31 - 00000000 ____D C:\Program Files (x86)\Origin
2015-10-27 14:33 - 2015-10-11 12:37 - 00000995 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-10-25 16:49 - 2015-08-15 19:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-24 02:41 - 2015-08-12 11:37 - 00284825 _____ C:\WINDOWS\DirectX.log
2015-10-24 02:20 - 2015-09-01 10:36 - 00000000 ____D C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-10-18 21:57 - 2015-08-12 11:37 - 00000000 ____D C:\Users\Tower\Documents\My Games
2015-10-16 11:44 - 2015-10-10 23:29 - 00000000 ____D C:\Users\Tower\Desktop\Timur Vernes - Er ist wieder da
2015-10-13 22:23 - 2015-10-07 19:21 - 00000000 ____D C:\Users\Tower\AppData\Roaming\uTorrent
2015-10-13 15:29 - 2015-10-07 19:23 - 00000000 ____D C:\Users\Tower\AppData\LocalLow\uTorrent

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-02 11:06 - 2015-05-12 17:11 - 0000034 _____ () C:\Users\Tower\AppData\Roaming\pdfdrawcodec.dll
2015-08-12 11:20 - 2015-08-12 11:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-24 20:19 - 2015-08-24 20:19 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2015-08-25 18:15 - 2015-08-25 18:15 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Tower\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-08 22:34

==================== Ende von FRST.txt ============================

--- --- ---

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-11-2015
durchgeführt von Tower (2015-11-11 17:55:09)
Gestartet von C:\Users\Tower\Desktop
Windows 10 Home (X64) (2015-08-12 10:25:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2297507985-1758812650-2133870427-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2297507985-1758812650-2133870427-503 - Limited - Disabled)
Gast (S-1-5-21-2297507985-1758812650-2133870427-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2297507985-1758812650-2133870427-1007 - Limited - Enabled)
Tower (S-1-5-21-2297507985-1758812650-2133870427-1001 - Administrator - Enabled) => C:\Users\Tower

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version:  - Treyarch)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CodeBlocks (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.4.15952.12 - Electronic Arts)
Frozen Synapse (HKLM-x32\...\Steam App 98200) (Version:  - Mode 7)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - Reloaded Games)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version:  - Konami Digital Entertainment)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
MusicBee 2.4 (HKLM-x32\...\MusicBee) (Version: 2.4 - Steven Mayall)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version:  - Moon Studios GmbH)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF24 Creator 7.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFBearbeiten V2.3 (HKLM-x32\...\PDFBearbeiten_is1) (Version:  - hxxp://www.PDFBearbeiten.net)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Daybreak Games)
PlanetSide 2 (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\DG0-PlanetSide 2) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainbow Six Siege - Closed Beta (HKLM-x32\...\Uplay Install 1001) (Version:  - Ubisoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version:  - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung PC Studio 3 (x32 Version: 3.0.0.80601 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Street Fighter V Beta (HKLM-x32\...\Steam App 386800) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Teeworlds (HKLM-x32\...\Steam App 380840) (Version:  - Teeworlds Team)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Total War - SHOGUN 2 (HKLM-x32\...\Total War - SHOGUN 2_is1) (Version:  - )
Trine 3: The Artifacts of Power (HKLM-x32\...\Steam App 319910) (Version:  - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 10.0 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.1.103164 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-002F69BBD7D7}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

27-10-2015 14:53:02 Installiert Brother Software Suite
04-11-2015 14:25:03 JRT Pre-Junkware Removal
11-11-2015 13:18:54 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-11-04 14:29 - 00000753 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 
127.0.0.1       localhost 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2D8ECE30-32ED-4F8E-9638-C64275D53012} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-11] (Microsoft Corporation)
Task: {4F887DC4-853A-414A-AFAF-CC003426D02C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5CED3E29-586D-48D8-ACC7-2CE3021DD750} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {67E21DB9-3BDA-46A6-BF2A-21663854C9BD} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6E80604B-F248-4ABE-BF50-35385DC0C639} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {75599DED-4069-4648-8CE1-607683C6A986} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)
Task: {EB12AB54-FC61-4830-9A96-A9971EFFEF12} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-12] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-12 12:18 - 2015-08-12 12:18 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-12 11:20 - 2015-08-25 16:57 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 11:24 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-29 16:47 - 2015-08-29 16:47 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 19:34 - 2012-10-01 19:34 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-10-02 09:24 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-02 09:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-02 09:25 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-02 09:24 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-02 09:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00708216 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00854136 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-11-11 14:03 - 2015-11-11 14:04 - 01875968 _____ () C:\Users\Tower\Desktop\ZHPCleaner.exe
2015-10-23 10:12 - 2015-10-20 15:55 - 01908040 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 10:12 - 2015-10-20 15:55 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-08-12 11:20 - 2015-11-11 13:58 - 00038544 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-08-12 11:20 - 2013-07-04 02:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-08-12 11:33 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00182128 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 08699760 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 38797680 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 02561904 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00111984 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00262000 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00877936 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-08-20 14:56 - 2015-08-20 14:56 - 00135024 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-16 19:31 - 2015-10-27 14:35 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-09-02 11:03 - 2015-09-01 13:28 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-07-28 16:11 - 2015-10-05 17:18 - 00778752 _____ () D:\Programme\Steam\SDL2.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Programme\Steam\v8.dll
2015-07-28 16:11 - 2015-11-10 03:44 - 02541648 _____ () D:\Programme\Steam\video.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 02549248 _____ () D:\Programme\Steam\libavcodec-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00491008 _____ () D:\Programme\Steam\libavformat-56.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00332800 _____ () D:\Programme\Steam\libavresample-2.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00442880 _____ () D:\Programme\Steam\libavutil-54.dll
2015-07-28 16:11 - 2015-09-24 01:33 - 00485888 _____ () D:\Programme\Steam\libswscale-3.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01556992 _____ () D:\Programme\Steam\icui18n.dll
2015-07-28 16:11 - 2015-07-03 17:12 - 01187840 _____ () D:\Programme\Steam\icuuc.dll
2015-07-28 16:11 - 2015-11-10 03:44 - 00806992 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2015-07-28 16:11 - 2015-11-03 23:00 - 00201728 _____ () D:\Programme\Steam\bin\openvr_api.dll
2015-07-28 16:11 - 2015-10-08 23:20 - 45010208 _____ () D:\Programme\Steam\bin\libcef.dll
2015-07-28 16:11 - 2015-09-25 00:56 - 00119208 _____ () D:\Programme\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battelog.com -> hxxps://www.battelog.com
IE trusted site: HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\...\battlefield.com -> hxxps://www.battlefield.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2297507985-1758812650-2133870427-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tower\Desktop\The-Witcher-3-Wild-Hunt-Sword-of-Destiny-Ultra-HD-Wallpaper-4k.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{215677AC-B348-41EA-8E64-054E930B0D2E}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1F6834EA-E9EA-4661-81F6-1DBA87896036}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{62560D05-0E68-4C92-8652-79E97FA5A63E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{152FB88E-325F-4319-8919-F423068C7B85}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3AF06DFB-CD6B-47AE-BC97-F335B05AD05C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{50226629-B020-46F4-B85B-48DA999A836D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6DB57B98-E4FF-4D63-8E1A-DFCF8778B300}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1BAAB5C5-A4F0-46EA-9A01-B592694C097B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{81B8C514-5E12-4762-A840-45A704554C69}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{07E84485-22C8-4A03-8DAF-AEB4A883022D}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{2BCFA7B4-2341-4A3E-BBDE-5F92021931C4}] => (Allow) D:\Programme\Steam\Steam.exe
FirewallRules: [{E54E2D6D-D675-4FD8-8BCE-9048E6EB69F9}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{D086F43C-5864-443D-A8C3-82AFED5D6D23}] => (Allow) D:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{69CE53C6-AFAD-4DD5-8D8F-4AAABDE7F94B}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{67C8F4E3-E03D-4996-B96B-33679096207D}] => (Allow) D:\Games\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{109084FB-B8E6-4541-BEA6-2AD5E43D7A23}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{F0CF891D-4E94-48CC-8A13-96209E98B07C}] => (Allow) D:\Games\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [TCP Query User{57195384-9343-43DF-86A7-C0D472413BEE}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{D07FCF13-8259-44C3-BEBA-338032B3437A}D:\program files (x86)\world of tanks\wotlauncher.exe] => (Allow) D:\program files (x86)\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{266EF9D3-30FE-48F1-AA40-5A93B0F45D03}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F9B2AA14-CEBC-4632-8098-F8D72C99C64E}D:\program files (x86)\world of tanks\worldoftanks.exe] => (Allow) D:\program files (x86)\world of tanks\worldoftanks.exe
FirewallRules: [{8A1A20A6-D30D-4B13-BF3A-AE0E28414132}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7BD0F7F3-49AF-413C-A5FF-AE034AA607CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8FC48FC-BA07-43E4-B6D9-708C56BEA990}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
FirewallRules: [{72849705-37C9-4060-BDC9-CEE33E0939EA}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2CA8930D-7020-429F-8F42-B43D15FF844D}] => (Allow) D:\Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A6CD5491-F9FF-4298-9BE5-26FCB05D13B2}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{7CA4CB26-0B8C-4810-9F5B-AA241CD5D79D}] => (Allow) D:\Games\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{BDF14615-009D-4596-8AC5-D8718DC8C429}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4363C883-4DB8-4C3A-90AB-F10D722B4913}] => (Allow) D:\Games\steamapps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{4B7E6B4F-0E0D-41A7-A4A9-4E21DD738937}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{3968E51C-72D4-4BA0-99F3-5B992E890E6F}] => (Allow) D:\Games\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{076ED1FB-1271-4BCC-AF26-9B8154292883}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{91271E76-35CC-4814-9E5B-A88FE15CD32E}] => (Allow) D:\Games\steamapps\common\Ori\ori.exe
FirewallRules: [{0BEC11EB-9A5C-4222-8BAF-B18AD7AFEBDB}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{6CDE77F7-6DD8-4E7F-BA75-43D12A92354A}] => (Allow) D:\Games\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{EFBFE8C1-F7B0-449C-986F-0DD016DEAE27}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{B828E6C0-070A-43E5-9939-A09D3E334CF0}] => (Allow) D:\Games\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{4BDA12D5-7BC9-40BB-A8DC-7B56F67E904E}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [{4C27179C-E104-4C58-A315-3E9E5DAB6A53}] => (Allow) D:\Games\steamapps\common\Trine 3\trine3_launcher.exe
FirewallRules: [TCP Query User{4244FD84-9DE8-4C07-BB86-8EC1C5F24F45}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [UDP Query User{52497E54-E682-4AB3-883F-849F47B23A79}D:\games\steamapps\common\trine 3\trine3_64bit.exe] => (Allow) D:\games\steamapps\common\trine 3\trine3_64bit.exe
FirewallRules: [{61E3AB01-64CA-4EDB-8D42-8B0C46D1FAFB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{3B7D9F2D-8B89-4774-8268-B52CB11C0CAB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{02811CCC-14CA-46BA-BDD9-B19EB613CD01}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CD7F6DA3-5642-4F69-90FD-1FCD177A8442}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{88A0DF53-007A-4168-816C-A042A5F586D1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{95F1CA0C-6ABE-44BB-9451-813E34D976F9}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{97EF4662-8C20-4E72-8197-E9ABAF052C0A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{974261BA-2D19-402F-A90A-CCF0B9337250}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{37DB4CEE-58C9-42D4-B35C-1662D82C8D7A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{50782609-FE39-4BCD-8E3F-55EFD7AF549C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{68D279F5-6EE3-4A4D-A535-A2AE4E25B293}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FBE9AF85-E0EC-42D9-88BB-1D5DA3F27F63}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6145B0F5-5E48-4B99-971F-C01E517CB48B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{158BC71F-C0F4-462B-BBE5-A4D2391136B1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C35DD76-FABF-49B3-86C4-B0A7A4C2F37D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AE010B00-8F61-46F5-A274-E8C3420493E0}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{AFF40177-E21C-4A4D-B553-6F9BA118AEF3}] => (Allow) C:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{4CB0CE31-0DFD-459C-889D-CFFA11AE0249}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{EEB4A72A-456C-4E4A-A348-7C3AA2B01398}] => (Allow) C:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{436743DC-1772-4708-A4EB-E0FE3A60F26A}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{B45BAA1D-E649-4516-9537-F76D4C00702F}] => (Allow) D:\Games\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe
FirewallRules: [{D21675F9-5B8D-475E-B6A1-2480E104FCAF}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{370A9F65-F427-4B89-85B5-D5F0214D7A38}] => (Allow) D:\Games\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{28EA1612-19AF-4EEE-B3BA-954692851E6A}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DF08077B-32BC-4009-849C-80955750613D}] => (Allow) C:\BF4\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{BB601256-8945-4C90-874A-27CD3C44788B}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{A8057CA9-268D-43FB-B024-8A22AB8790BE}] => (Allow) C:\BF4\Battlefield 4\BF4WebHelper.exe
FirewallRules: [TCP Query User{3040D893-5F64-4BEE-9CE2-DF68577547C6}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{4138D23D-0C9F-4CC6-880B-171C209D1102}C:\bf4\fifa 16\fifa16.exe] => (Allow) C:\bf4\fifa 16\fifa16.exe
FirewallRules: [{A3FD0448-4283-468A-99C2-68309D9AD031}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{5DD752B2-2E87-48D0-BBDC-00093E989646}] => (Allow) D:\Program Files (x86)\Ubisoft Game Launcher\games\Rainbow Six Siege - Closed Beta\RainbowSix.exe
FirewallRules: [{2C2CCE4E-A1EA-4CF0-83B5-E196E55E9BC1}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{1EF74477-6E6F-4D71-8D24-3EFDF165A04C}] => (Allow) D:\Games\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{D78CA598-FA88-49BB-A7CD-97E5BC89F748}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C243C51F-F277-47A0-8A62-064B4647E3C9}] => (Allow) D:\Games\steamapps\common\Hawken\Binaries\Win32\HawkenGame-Win32-Shipping.exe
FirewallRules: [{C17B1139-63C2-4D41-85C2-DE2050AB6FA1}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{D8882855-F8DF-4F53-BD02-ADC4FCDDD921}] => (Allow) C:\BF4\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [TCP Query User{F8CE605B-91E5-464C-88F2-4A3DAF6A8B24}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{4A3496E0-53BC-4D42-A622-66CCEBA7F70E}D:\games\steamapps\common\planetside 2\planetside2_x64.exe] => (Allow) D:\games\steamapps\common\planetside 2\planetside2_x64.exe
FirewallRules: [{96064DD7-CE03-4F0D-B338-2D8D1E52FBB9}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{EF9EE171-C2EC-403D-A593-862522BB4E83}] => (Allow) D:\Games\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{3161F613-58BA-490A-BF32-BB378B669BC6}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [UDP Query User{FAE1244A-5DB1-47E3-B4B4-E15817C68733}C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe] => (Allow) C:\users\tower\downloads\lib\[www.mpc-g.com]rcktlg105\binaries\win32\rocketleague.exe
FirewallRules: [{6794FD39-FAD4-4CE1-BFF0-9110FE13801F}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4D402FFE-0A88-4204-9D26-F66313A82FBD}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{49414156-6D04-4ED4-843D-44E19C46866C}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8AD2136B-FD93-4F18-A945-D2E70D07B6E8}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7935BB68-7D2C-4E8A-B506-E95946F20444}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{19FD221F-0A03-43F3-8919-B3992E72175E}] => (Allow) C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{5F58A196-190C-486C-BFC3-DC39693AC853}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [UDP Query User{7D8AA4CC-F861-47F0-9842-317D204A9198}D:\program files (x86)\total war - shogun 2\shogun2.exe] => (Allow) D:\program files (x86)\total war - shogun 2\shogun2.exe
FirewallRules: [{640B579A-8F7C-40D3-86A5-25A0E53B9B96}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{51CD6A31-7EB4-49F4-BA82-2700A2428173}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe
FirewallRules: [{83277662-335B-4596-A8A1-185AC754DE67}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{251D4361-3957-4E8A-8CCF-583405B6A0BA}] => (Allow) D:\Games\steamapps\common\Teeworlds\teeworlds.exe
FirewallRules: [{8EF908CA-3F7A-4C61-B3A3-E7BCD95F4AEF}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{08C86DD2-F657-4DF3-BB92-2F40D37D1402}] => (Allow) D:\Games\steamapps\common\L.A.Noire\LANLauncher.exe
FirewallRules: [{B0777CE3-1F8E-4180-9C31-18C5F3B19A39}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [{0D19F0F3-324A-4D66-85B4-94F8CD4BA36F}] => (Allow) D:\Games\Titanfall\Titanfall.exe
FirewallRules: [TCP Query User{A90948F1-0257-4F3E-A2B0-24A88EF02EF9}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{1C09ABD3-1321-4D90-8AA9-8E02EFBC285F}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{346C6197-2990-41F2-A816-B2AC493AB97C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{54CB7B40-80F0-4E83-AF83-696FA9E2E203}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{31981CE6-90D0-4002-8284-213407374F40}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{360DD666-147F-465D-B92F-5EE5ABACFBD9}] => (Allow) D:\Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{615D134D-28D0-4ADE-AA26-9F09B503E8F8}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{04594715-5C3D-4CA3-B4D4-9A6300CC718A}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe
FirewallRules: [{998C1B58-163B-476D-AF20-0AC2110B2BDC}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{FD6686CE-F6FE-4BD0-83F1-ECAB9B09A597}] => (Allow) D:\Games\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{72F906CB-AD23-4E4A-BF4D-D37FEFD163FF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E74C905D-ED71-45D6-BBD4-1579A84E6195}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9824A515-66D8-4007-B4AF-F4A54DC532B9}] => (Allow) D:\Games\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E60C9963-847C-4B88-B53C-4CAF9D696165}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{75FEF355-9E2C-4DCE-B3F0-61D8CF3DE1C5}] => (Allow) D:\Games\steamapps\common\StreetFighterVBeta\StreetFighterVBeta.exe
FirewallRules: [{DBE33EBB-49E7-4198-960A-BC4B7EA46CAB}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{09E3F538-B087-48B5-BAB4-45CCF1CAC801}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{E81C4C61-4ECD-412D-BDB9-F223447A610A}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{F24956A8-4923-4429-9A31-7AD4C7BFFB10}] => (Allow) D:\Games\steamapps\common\Super Street Fighter IV - Arcade Edition\SSFIV.exe
FirewallRules: [{AEBD6FD7-156D-4F0E-9C9F-E01A8E5FE337}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{85EFCEED-92F1-468D-A63B-4B9283AC50D7}] => (Allow) D:\Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/11/2015 03:27:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/11/2015 02:16:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/11/2015 02:16:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/11/2015 02:16:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.

Error: (11/11/2015 02:05:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ZHPCleaner.exe, Version 2015.11.11.376 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1dc0

Startzeit: 01d11c8170b6aefe

Beendigungszeit: 4294967295

Anwendungspfad: C:\Users\Tower\Desktop\ZHPCleaner.exe

Berichts-ID: d33e7483-8874-11e5-82a9-1c872c435803

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead

Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 0; will deregister    4 Tower-PC.local. Addr 192.168.0.10

Error: (11/11/2015 01:58:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.10:5353   16 Tower-PC.local. AAAA 2A02:810D:29BF:ED58:0000:0000:0000:0002

Error: (11/11/2015 01:18:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/11/2015 01:08:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Tower-PC.local already in use; will try Tower-PC-2.local instead


Systemfehler:
=============
Error: (11/11/2015 03:07:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/11/2015 03:07:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (11/11/2015 02:59:22 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "BEKKI-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{248C2F9A-A959-44E0-89C4-FB5FEECE3233}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/11/2015 02:18:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/11/2015 02:18:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys

Error: (11/11/2015 02:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/11/2015 02:18:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys

Error: (11/11/2015 02:18:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tower\AppData\Local\Temp\ehdrv.sys

Error: (11/11/2015 02:18:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (11/11/2015 02:17:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


CodeIntegrity:
===================================
  Date: 2015-11-11 15:13:56.617
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 15:13:56.608
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 15:13:41.416
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 15:13:41.407
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:54:58.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:29:14.065
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:29:14.054
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:28:59.290
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:28:59.278
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-11 14:05:04.609
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16326.53 MB
Verfügbarer physikalischer RAM: 11607.41 MB
Summe virtueller Speicher: 18758.53 MB
Verfügbarer virtueller Speicher: 12073.67 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.1 GB) (Free:54.1 GB) NTFS
Drive d: (Games/Programme) (Fixed) (Total:1863.01 GB) (Free:1041.73 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:1860.36 GB) NTFS
Drive f: (GUARDIANS_OF_THE_GALAXY) (CDROM) (Total:43.6 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 12F312F3)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 82563300)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 117B117C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Redgrieve · 11.11.2015, 17:58

Code:

ATTFilter

Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version:05-11-2015
durchgeführt von Tower (2015-11-11 17:55:41)
Gestartet von C:\Users\Tower\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)



Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Tower\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Tower\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Tower\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Tower\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Tower\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Tower ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk -> C:\Windows\DevicesFlow\DevicesFlow.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐\卸载网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\UnInstall.exe (网易公司)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐\网易云音乐.lnk -> C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe (NetEase)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Was ist neu.lnk -> C:\Program Files (x86)\Winamp\whatsnew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp deinstallieren.lnk -> C:\Program Files (x86)\Winamp\UninstWA.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Kundendienst.lnk -> D:\Games\Titanfall\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall Endbenutzer-Lizenzvertrag.lnk -> D:\Games\Titanfall\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall\Titanfall.lnk -> D:\Games\Titanfall\Titanfall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\TeamSpeak 3 Client.lnk -> C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client\Uninstall.lnk -> C:\Program Files\TeamSpeak 3 Client\Uninstall.exe (TeamSpeak Systems GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 (64-bit).lnk -> C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe (Sony Creative Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Vegas Pro 13.0\Vegas Pro 13.0 Liesmich.lnk -> C:\Program Files\Sony\Vegas Pro 13.0\Readme\Vegas_readme_deu.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2 entfernen.lnk -> D:\Program Files (x86)\Total War - SHOGUN 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA\Total War - SHOGUN 2\Total War - SHOGUN 2.lnk -> D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe (The Creative Assembly Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Manager.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Multimedia Player.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Multimedia player.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Samsung PC Studio 3.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten entfernen.lnk -> C:\Program Files (x86)\PDFBearbeiten\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten.lnk -> C:\Program Files (x86)\PDFBearbeiten\splash.exe (hxxp://www.PDFBearbeiten.net)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Creator.lnk -> C:\Program Files (x86)\PDF24\pdf24-Creator.exe (Geek Software GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24\PDF24 Fax.lnk -> C:\Program Files (x86)\PDF24\pdf24-Fax.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin Fehlermelder.lnk -> C:\Program Files (x86)\Origin\OriginER.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin\Origin.lnk -> C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++\Notepad++.lnk -> C:\Program Files (x86)\Notepad++\notepad++.exe (Don HO don.h@free.fr)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk -> D:\Games\Minecraft\MinecraftLauncher.exe (Mojang)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Access 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\accicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\xlicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Filler 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Lync 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Outlook 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\outicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pptico.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Publisher 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\pubs.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Send to OneNote 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\joticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\SkyDrive Pro 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\grv_icons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\wordicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Database Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\dbcicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Lync Recording Manager.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\lyncicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Language Preferences.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\misc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Office 2013 Upload Center.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\msouc.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Spreadsheet Compare 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\sscicons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Dashboard for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmadminicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013 Tools\Telemetry Log for Office 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\osmclienticon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware \Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16 Endbenutzer-Lizenzvertrag.lnk -> C:\BF4\FIFA 16\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\FIFA 16.lnk -> C:\BF4\FIFA 16\fifa16.exe (Electronic Arts)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Kundendienst.lnk -> C:\BF4\FIFA 16\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 16\Readme.lnk -> C:\BF4\FIFA 16\Support\readme\readme.de.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\DAEMON Tools Pro.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTPro.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Image Editor.lnk -> C:\Program Files (x86)\DAEMON Tools Pro\DTImgEditor.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CodeBlocks.lnk -> C:\Program Files (x86)\CodeBlocks\codeblocks.exe (Code::Blocks Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (32-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-i386.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4 (64-bit).lnk -> C:\Program Files (x86)\Cheat Engine 6.4\cheatengine-x86_64.exe (Cheat Engine)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine 6.4.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine help.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\CheatEngine.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Cheat Engine tutorial.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Tutorial-i386.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Reset settings.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\ceregreset.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Uninstall Cheat Engine.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\Kernel stuff\Unload kernel module.lnk -> C:\Program Files (x86)\Cheat Engine 6.4\Kernelmoduleunloader.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4 Endbenutzer-Lizenzvertrag.lnk -> C:\BF4\Battlefield 4\Support\eula\de_DE_eula.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4(64 bit).lnk -> C:\BF4\Battlefield 4\BF4WebHelper.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Battlefield 4.lnk -> C:\BF4\Battlefield 4\BF4X86WebHelper.exe (EA Digital Illusions CE AB)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4\Kundendienst.lnk -> C:\BF4\Battlefield 4\Support\EA Help\Kundendienst.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus Hilfe.lnk -> C:\Program Files (x86)\Avira\Antivirus\208\avwin.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira Antivirus starten.lnk -> C:\Program Files (x86)\Avira\Antivirus\avcenter.exe (Avira Operations GmbH & Co. KG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Antivirus\Avira im Internet.lnk -> C:\Program Files (x86)\Avira\Antivirus\weblink.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Call of Duty(R) 4 - Modern Warfare(TM) Manual.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\manual.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Customer Support.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\Help\customer_support.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Readme.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\Help\readme.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Documentation\Technical Help.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\Docs\help.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk -> C:\Users\Tower\Documents ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk -> C:\Users\Tower\Pictures ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Multiplayer.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe ()
Shortcut: C:\Users\Public\Desktop\Call of Duty(R) 4 - Modern Warfare(TM) Singleplayer.lnk -> C:\Program Files (x86)\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe ()
Shortcut: C:\Users\Public\Desktop\DAEMON Tools Lite.lnk -> C:\Program Files\DAEMON Tools Lite\DTLauncher.exe (Disc Soft Ltd)
Shortcut: C:\Users\Public\Desktop\FIFA 16.lnk -> C:\BF4\FIFA 16\fifa16.exe (Electronic Arts)
Shortcut: C:\Users\Public\Desktop\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\Users\Public\Desktop\LogMeIn Hamachi.lnk -> C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
Shortcut: C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk -> C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Minecraft.lnk -> D:\Games\Minecraft\MinecraftLauncher.exe (Mojang)
Shortcut: C:\Users\Public\Desktop\PDF Bearbeiten.lnk -> C:\Program Files (x86)\PDFBearbeiten\splash.exe (hxxp://www.PDFBearbeiten.net)
Shortcut: C:\Users\Public\Desktop\Titanfall.lnk -> D:\Games\Titanfall\Titanfall.exe ()
Shortcut: C:\Users\Public\Desktop\Total War - SHOGUN 2.lnk -> D:\Program Files (x86)\Total War - SHOGUN 2\Shogun2.exe (The Creative Assembly Ltd)
Shortcut: C:\Users\Public\Desktop\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Tower\Links\Desktop.lnk -> C:\Users\Tower\Desktop ()
Shortcut: C:\Users\Tower\Links\Downloads.lnk -> C:\Users\Tower\Downloads ()
Shortcut: C:\Users\Tower\Desktop\DUC (2).lnk -> C:\Program Files (x86)\No-IP\DUC40.exe ()
Shortcut: C:\Users\Tower\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tower\Desktop\HearthstoneTracker.lnk -> C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe (HearthstoneTracker.com)
Shortcut: C:\Users\Tower\Desktop\Open Broadcaster Software.lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Tower\Desktop\RocketLeague - Shortcut.lnk -> C:\Users\Tower\Downloads\lib\[www.mpc-g.com]RcktLg105\Binaries\Win32\RocketLeague.exe (Psyonix, Inc)
Shortcut: C:\Users\Tower\Desktop\Uplay.lnk -> D:\Program Files (x86)\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Tower\Desktop\ZHPCleaner.lnk -> C:\Users\Tower\AppData\Roaming\ZHP\ZHPCleaner.exe ()
Shortcut: C:\Users\Tower\Desktop\µTorrent.lnk -> C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\MinGW Installation Manager.lnk -> C:\MinGW\libexec\mingw-get\guimain.exe (MinGW.org Project)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Battle.lnk -> D:\Programme\Battle.net\Battle.net.exe (Blizzard Entertainment)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView 64.lnk -> C:\Program Files\IrfanView\i_view64.exe (Irfan Skiljan)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Tower\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Origin.lnk -> D:\Origin\Origin.exe (Electronic Arts)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam.lnk -> D:\Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uplay.lnk -> D:\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uninstall.lnk -> D:\Program Files (x86)\Ubisoft Game Launcher\Uninstall.exe (Ubisoft)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft\Uplay\Uplay.lnk -> D:\Program Files (x86)\Ubisoft Game Launcher\Uplay.exe (Ubisoft)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk -> D:\Programme\Steam\Steam.exe (Valve Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (32bit).lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Open Broadcaster Software (64bit).lnk -> C:\Program Files\OBS\OBS.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software\Uninstall.lnk -> C:\Program Files (x86)\OBS\uninstall.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\DUC.lnk -> C:\Program Files (x86)\No-IP\DUC40.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\License.lnk -> C:\Program Files (x86)\No-IP\License.txt ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC\Uninstall.lnk -> C:\Program Files (x86)\No-IP\Uninstall.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\MusicBee.lnk -> D:\MusicBee\MusicBee.exe (Steven Mayall)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\Uninstall MusicBee.lnk -> D:\MusicBee\Uninstall.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker\HearthstoneTracker.lnk -> C:\Program Files (x86)\HearthstoneTracker\HearthCap.exe (HearthstoneTracker.com)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthstoneTracker\Uninstall.lnk -> C:\Program Files (x86)\HearthstoneTracker\uninstall.exe (HearthstoneTracker.com)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CB Share Config.lnk -> C:\Program Files (x86)\CodeBlocks\cb_share_config.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\Code Snippets.lnk -> C:\Program Files (x86)\CodeBlocks\codesnippets.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\CodeBlocks.lnk -> C:\Program Files (x86)\CodeBlocks\codeblocks.exe (Code::Blocks Team)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks\Uninstall CodeBlocks.lnk -> C:\Program Files (x86)\CodeBlocks\uninstall.exe (The Code::Blocks Team)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\SendTo\PDF24 Creator.lnk -> C:\Program Files (x86)\PDF24\pdf24-DocTool.exe (Geek Software GmbH)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CodeBlocks.lnk -> C:\Program Files (x86)\CodeBlocks\codeblocks.exe (Code::Blocks Team)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PDF Bearbeiten.lnk -> C:\Program Files (x86)\PDFBearbeiten\splash.exe (hxxp://www.PDFBearbeiten.net)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk -> C:\Program Files (x86)\Samsung\Samsung PC Studio 3\Launcher.exe (Keine Datei)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Tower\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe (NVIDIA Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Open Broadcaster Software.lnk -> C:\Program Files (x86)\OBS\OBS.exe ()
Shortcut: C:\Users\Tower\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Smart Switch.lnk -> C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPC.exe (Samsung)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> -sta {C90FB8CA-3295-4462-A721-2935E83694BA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp\Winamp (Abgesicherter Modus).lnk -> C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft, Inc.) -> /SAFE=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3\Uninstall Samsung PC Studio 3.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe (Macrovision Corporation) -> /L000407 /removeonly Uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung\Smart Switch PC\Uninstall Smart Switch.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}\setup.exe (Samsung Electronics Co., Ltd.) -> /removeonly
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\InfoPath Designer 2013.lnk -> C:\Windows\Installer\{90150000-0011-0000-0000-0000000FF1CE}\inficon.exe () ->  /design 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi\Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {38DAAEA7-903D-4FBF-A5D3-F7EB8F83782A} REMOVE=ALL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4\main.lua.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation) -> C:\Program Files (x86)\Cheat Engine 6.4\main.lua
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision\Call of Duty(R) 4 - Modern Warfare(TM)\Uninstall Call of Duty(R) 4 - Modern Warfare(TM).lnk -> C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\uninstall.exe (Activision                                                ) -> -runfromtemp -l0x0409
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Public\Desktop\Avira Launcher.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) -> /showMiniGui
ShortcutWithArgument: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Tower\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten\PDF Bearbeiten im Internet.url -> hxxp://www.PDFBearbeiten.net
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Pro\Online Help.URL -> hxxp://www.daemonpro.com/help/
InternetURL: C:\Users\Tower\Favorites\Bing.url -> hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Tower\Favorites\ASUS E-Service\ASUS Homepage.url -> hxxp://www.asus.com/
InternetURL: C:\Users\Tower\Favorites\ASUS E-Service\ASUS Member.url -> hxxp://member.asus.com/
InternetURL: C:\Users\Tower\Favorites\ASUS E-Service\ASUS Software Download.url -> hxxp://support.asus.com/download
InternetURL: C:\Users\Tower\Favorites\ASUS E-Service\ASUS Technical Support.url -> hxxp://support.asus.com/
InternetURL: C:\Users\Tower\Downloads\lib\The REVOLT Forum.url -> hxxp://revolt.loginto.me/
InternetURL: C:\Users\Tower\Downloads\lib\[www.mpc-g.com]RcktLg105\Binaries\Win32\The REVOLT Forum.url -> hxxp://revolt.loginto.me/
InternetURL: C:\Users\Tower\Desktop\Rainbow Six Siege - Closed Beta.url -> uplay://launch/1001/0
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Company of Heroes 2.url -> steam://rungameid/231430
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Counter-Strike Global Offensive.url -> steam://rungameid/730
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Garry's Mod.url -> steam://rungameid/4000
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\HAWKEN.url -> steam://rungameid/271290
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\L.A. Noire.url -> steam://rungameid/110800
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\METAL GEAR SOLID V THE PHANTOM PAIN.url -> steam://rungameid/287700
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\PlanetSide 2.url -> steam://rungameid/218230
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Rocket League.url -> steam://rungameid/252950
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Street Fighter V Beta.url -> steam://rungameid/386800
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Team Fortress 2.url -> steam://rungameid/440
InternetURL: C:\Users\Tower\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam\Teeworlds.url -> steam://rungameid/380840

==================== Ende von Shortcut.txt =============================

Nun steht in der URL ganz kurz die Akahamid-URL, ich werde dann aber doch auf die richtige Seite umgeleitet? Passiert allerdings nur ab und zu; kann auch eine Einbildung sein und mir ist es vorher einfach nicht aufgefallen.