Internetseite sagt mir ich hätte einen Virus

Heradi · 14.04.2016, 17:46

Guten Tag,

"ich habe möglicherweise einen Virus und soll doch bitte eine Telefonnummer anrufen."
Sowas ungefähr sagt mir in letzter Zeit eine Internetseite die ab und zu als neuer schwer zu schließender Tab sich im Browser öffnet. Ich vertraue nicht unbedingt irgendwelchen Seiten die plötzlich aufploppen und mir Vorschriften machen wollen doch zur Sicherheit würde ich gerne von jemand der Ahnung hat meinen PC überprüfen lassen. Ich habe auch ab und zu diverse Probleme das mein PC zu laggen anfängt und es sich nur mit einem Neustart beheben lässt. Ich hoffe das dies nicht auch an einem Virus oder ähnlichem liegt. Im Moment besitze ich keine Antivirussoftware dadurch könnte die Gefahr hoch sein das ich einen habe allerdings kenne ich mich auch nicht so gut aus mit guten kostenlosen Programmen.

Ich habe Windows 7 falls das wichtig ist. Falls ihr noch mehr PC Daten braucht sagt mir bitte wie ich die rausfinde und ich nenne sie euch.

burningice · 14.04.2016, 20:05

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Schritt: 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt: 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Heradi · 14.04.2016, 21:58

Vielen dank erstmal für die schnelle Hilfe.

Hier ist das Log für FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Ozoma (Administrator) auf OZOMA-PC (14-04-2016 22:38:17)
Gestartet von C:\Users\Ozoma\Desktop
Geladene Profile: Ozoma (Verfügbare Profile: Ozoma)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) D:\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Dropbox, Inc.) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Dropbox Update] => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-16] (Dropbox, Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [17227240 2016-03-10] (LINE Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Steam] => D:\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Ozoma\Desktop\IMG005~1.SCR
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{027C0094-CB13-4C44-920B-6595D581C01B}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393257268&from=vtt&uid=ST31000524AS_9VPFBC69XXXX9VPFBC69&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {371DBE33-47B9-4EA9-ADBA-E5886E44D4E9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {96CEEE20-AFBC-439F-8348-317552AEDFF2} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {9A278DCD-E49C-4FA0-8988-6C51AF86CEAA} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {FA5B4673-0177-431A-BF39-E3B5DA5A21AA} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3620531602-815428446-3748077359-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ozoma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: SaveFrom.net - helper - C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\helper-sig@savefrom.net.xpi [2016-02-10]
FF Extension: ExHentai Easy 2 - C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-02-02] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-20] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://websearch.searchdwebs.info/?pid=34&r=2013/06/20&hid=952745596&lg=EN&cc=DE&unqvl=22","hxxp://www.youtube.com/watch?v=b3WNiI7OtT0","hxxp://www.youtube.com/watch?v=MOY1QbcH3a4","hxxp://www.detektiv-conan.ch/index.php?page=jpnepisoden.php&episoden=681697","hxxp://detektivconan-wiki.com/wiki/Liste_der_Anime-Episoden","hxxp://megaman.wikia.com/wiki/List_of_Mega_Man_6_enemies","hxxp://www.youtube.com/watch?v=DeHHPLMMCfs","hxxp://www.youtube.com/watch?v=n8ofa-afC6c&list=WL012A62390FD9B1E6","hxxp://www.youtube.com/watch?v=TLVGmvmNitg&list=SP2B009153AC977F90","hxxp://www.burning-seri.es/serie/Akte-X/1/17-Taeuschungsmanoever","hxxp://www.burning-seri.es/serie/Startrek-Enterprise/1/20-Schiff-der-Geister/PutLocker-1","hxxp://annayseult.blogspot.de/?zx=e8d1c655866936ed","hxxp://www.youtube.com/results?search_query=megaman+folge+3&oq=megaman+folge+3&gs_l=youtube.3..0l3.1499583.1500130.0.1500560.2.2.0.0.0.0.197.262.1j1.2.0...0.0...1ac.1.11.youtube.oNVa4RtNhJ8","hxxps://mail.google.com/mail/u/0/?ui=2&shva=1#inbox","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/06/28&hid=952745596&lg=EN&cc=DE","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/07/17&hid=952745596&lg=EN&cc=DE"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (Google-Suche) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Tampermonkey) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-11]
CHR Extension: (Google Tabellen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ozoma\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-09]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-15] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-02-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-23] ()
S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [835664 2016-03-31] (Valve Corporation) [Datei ist nicht signiert]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-12-27] (Microsoft Corporation) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-31] (DT Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-14 22:38 - 2016-04-14 22:39 - 00029044 _____ C:\Users\Ozoma\Desktop\FRST.txt
2016-04-14 22:37 - 2016-04-14 22:38 - 02375168 _____ (Farbar) C:\Users\Ozoma\Desktop\FRST64.exe
2016-04-14 18:29 - 2016-04-14 18:29 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-13 17:14 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 17:14 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 17:14 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 17:14 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 17:14 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 17:14 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 17:14 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 17:14 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 17:14 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 17:14 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 17:14 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 17:14 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 17:13 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 17:13 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 17:13 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 17:13 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 17:13 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 17:13 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 17:13 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 17:13 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 17:13 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 17:13 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 17:13 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 17:13 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 17:13 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 17:13 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 17:13 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 17:13 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 17:13 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 17:13 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 17:13 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 17:13 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 17:13 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 17:13 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 17:13 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 17:13 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 17:13 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 17:13 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 17:13 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 17:13 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 17:13 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 17:13 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 17:13 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 17:13 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 17:13 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 17:13 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 17:13 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 17:12 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:12 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 17:12 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 17:12 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 17:12 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 17:12 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-08 00:28 - 2016-04-08 00:28 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-05 19:40 - 2016-04-05 19:40 - 00000844 _____ C:\Users\Ozoma\AppData\Local\recently-used.xbel
2016-04-05 19:39 - 2016-04-05 19:39 - 00000000 ____D C:\Users\Ozoma\.fontconfig
2016-04-03 20:40 - 2016-04-03 20:39 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 5.nes
2016-03-31 21:59 - 2016-03-31 21:59 - 00006235 _____ C:\Users\Ozoma\Desktop\^414E80C65348E4630387FDD2AB4066B16597FC635919258E64^pimgpsh_thumbnail_win_distr.jpg
2016-03-31 21:46 - 2016-03-31 21:53 - 00393232 _____ C:\Users\Ozoma\Desktop\Overload 4.nes
2016-03-31 20:39 - 1997-05-19 21:36 - 00393232 ____R C:\Users\Ozoma\Desktop\Mega Man 3 (U) [!].nes
2016-03-30 22:16 - 2016-03-30 22:16 - 00000000 ____D C:\Users\Ozoma\Desktop\Cache
2016-03-28 14:08 - 2016-03-28 14:06 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 4.nes
2016-03-28 13:44 - 2016-03-28 13:44 - 00000022 _____ C:\Users\Ozoma\Desktop\Story.txt
2016-03-26 14:48 - 2016-03-26 14:44 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 3.nes
2016-03-20 02:34 - 2016-03-17 02:49 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 2.nes
2016-03-19 22:44 - 2016-03-19 22:44 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-19 20:17 - 2016-03-19 20:20 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\MMFApplications
2016-03-19 15:47 - 2016-03-19 15:47 - 00000202 _____ C:\Users\Ozoma\Desktop\Deponia The Complete Journey.url
2016-03-17 20:56 - 2016-03-17 20:56 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\MegaMan
2016-03-17 00:02 - 2016-03-17 00:02 - 00000202 _____ C:\Users\Ozoma\Desktop\Mega Man Legacy Collection.url
2016-03-16 00:44 - 2016-03-16 00:44 - 00000516 _____ C:\Users\Public\Desktop\Steam.lnk
2016-03-16 00:44 - 2016-03-16 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-16 00:42 - 2016-03-16 00:43 - 01380712 _____ C:\Users\Ozoma\Desktop\SteamSetup.exe
2016-03-15 23:40 - 2016-03-15 23:40 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-03-15 23:40 - 2016-03-15 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-15 23:36 - 2016-03-15 23:36 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Ozoma\Desktop\SkypeSetup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-14 22:45 - 2012-04-24 08:18 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Skype
2016-04-14 22:38 - 2013-11-25 15:51 - 00000000 ____D C:\FRST
2016-04-14 22:28 - 2013-01-04 00:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-14 22:20 - 2015-07-16 05:09 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job
2016-04-14 22:17 - 2013-05-11 14:54 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-14 22:17 - 2013-05-11 14:54 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-14 21:02 - 2012-08-17 00:56 - 00030720 _____ C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-14 20:25 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-14 20:25 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-14 16:05 - 2014-07-13 17:08 - 00000000 ___RD C:\Users\Ozoma\Dropbox
2016-04-14 16:05 - 2014-07-13 17:05 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Dropbox
2016-04-14 16:03 - 2014-01-11 17:38 - 00000000 ____D C:\ProgramData\VMware
2016-04-14 16:03 - 2013-04-29 20:53 - 00000000 ____D C:\Users\Ozoma\AppData\Local\LogMeIn Hamachi
2016-04-14 16:02 - 2012-04-18 07:46 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-14 16:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-14 04:08 - 2015-03-11 05:06 - 00000000 ____D C:\Windows\rescache
2016-04-14 03:31 - 2009-07-14 06:45 - 04927232 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 03:11 - 2013-09-06 01:05 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 03:04 - 2012-07-23 17:49 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-14 02:20 - 2015-07-16 05:09 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job
2016-04-13 20:38 - 2015-03-21 21:19 - 00000000 ____D C:\Users\Ozoma\Desktop\Challenge
2016-04-13 20:33 - 2015-09-01 00:37 - 00005246 _____ C:\Users\Ozoma\Desktop\Mögliche Mangaprojekte.txt
2016-04-13 20:11 - 2014-03-30 17:29 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Battle.net
2016-04-12 02:21 - 2016-01-08 19:41 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 00:28 - 2013-12-11 16:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 00:28 - 2013-01-04 00:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 00:28 - 2012-04-21 19:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-06 22:13 - 2012-04-20 23:59 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\TS3Client
2016-04-06 16:07 - 2015-12-04 04:51 - 00000932 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-04-05 19:41 - 2012-10-01 17:39 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Paint.NET
2016-04-05 19:41 - 2012-07-08 22:19 - 00000000 ____D C:\Users\Ozoma\.gimp-2.6
2016-04-05 19:39 - 2012-04-20 23:45 - 00000000 ____D C:\Users\Ozoma
2016-04-05 16:18 - 2013-01-20 14:24 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-04-03 20:40 - 2016-03-13 13:39 - 00000000 ____D C:\Users\Ozoma\Desktop\Overload Test
2016-04-02 12:39 - 2016-01-28 23:02 - 00000000 ____D C:\ProgramData\F-Secure
2016-03-20 17:03 - 2015-06-18 19:03 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Daedalic Entertainment GmbH
2016-03-19 20:23 - 2013-06-27 20:58 - 00000000 ____D C:\Users\Ozoma\Desktop\JoyToKey_en
2016-03-15 23:40 - 2014-03-26 11:35 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Skype
2016-03-15 23:40 - 2012-04-24 08:18 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-15 23:40 - 2012-04-24 08:18 - 00000000 ____D C:\ProgramData\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-29 11:02 - 2016-01-25 19:37 - 0000132 _____ () C:\Users\Ozoma\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-07-10 22:24 - 2012-07-13 19:06 - 0000096 _____ () C:\Users\Ozoma\AppData\Roaming\Camdata.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamLayout.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamShapes.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0004416 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.cfg
2012-07-13 18:19 - 2012-07-13 18:19 - 0000000 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.Data.ini
2012-07-13 18:19 - 2012-07-13 18:19 - 0001206 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.ini
2015-02-27 17:14 - 2015-02-27 17:14 - 0000194 _____ () C:\Users\Ozoma\AppData\Roaming\dmsettings.xml
2004-01-26 17:15 - 2004-01-26 17:15 - 0233472 ____R () C:\Users\Ozoma\AppData\Roaming\MafiaSetup.exe
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\winbras.sys
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\windrvconfig.txt
2012-08-17 00:56 - 2016-04-14 21:02 - 0030720 _____ () C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:40 - 2016-04-05 19:40 - 0000844 _____ () C:\Users\Ozoma\AppData\Local\recently-used.xbel
2012-07-08 23:49 - 2014-08-18 23:22 - 0007602 _____ () C:\Users\Ozoma\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Ozoma\AppData\Local\temp\drm_dialogs.dll
C:\Users\Ozoma\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl70lnf.dll
C:\Users\Ozoma\AppData\Local\temp\ICSharpCode.SharpZipLib.dll
C:\Users\Ozoma\AppData\Local\temp\MBSetup311.exe
C:\Users\Ozoma\AppData\Local\temp\MBSetup360.exe
C:\Users\Ozoma\AppData\Local\temp\MBSetup908.exe
C:\Users\Ozoma\AppData\Local\temp\Quarantine.exe
C:\Users\Ozoma\AppData\Local\temp\SkypeSetup.exe
C:\Users\Ozoma\AppData\Local\temp\sqlite3.dll
C:\Users\Ozoma\AppData\Local\temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-08 02:57

==================== Ende von FRST.txt ============================

Heradi · 14.04.2016, 21:58

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Ozoma (2016-04-14 22:45:11)
Gestartet von C:\Users\Ozoma\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-20 21:45:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3620531602-815428446-3748077359-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3620531602-815428446-3748077359-1004 - Limited - Enabled)
Gast (S-1-5-21-3620531602-815428446-3748077359-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3620531602-815428446-3748077359-1003 - Limited - Enabled)
Ozoma (S-1-5-21-3620531602-815428446-3748077359-1001 - Administrator - Enabled) => C:\Users\Ozoma

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Angry Video Game Nerd Adventures (HKLM-x32\...\Steam App 237740) (Version:  - FreakZone Games)
AnkhBotR2 version 1.0.0.16 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.0.16 - Marcin Swierzowski aka AnkhHeart)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Ascend: Hand of Kul (HKLM-x32\...\Steam App 233630) (Version:  - Signal Studios)
Audacity Recovery Utility (HKLM-x32\...\AURC_is1) (Version:  - Markus Meyer)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bardbarian (HKLM-x32\...\Steam App 269490) (Version:  - TreeFortress Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Beyond Divinity (HKLM-x32\...\{4C9BE645-3EF8-335D-9A7C-77F2A8689C5E}_is1) (Version: 1.0.7 - )
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CH2_1Demo (HKLM-x32\...\UDK-15b41068-9227-4540-bf45-79ec3a1d0195) (Version:  - Epic Games, Inc.)
CH2E1.1 (HKLM-x32\...\UDK-c126d00d-307a-404d-94b3-39a023e4f252) (Version:  - Epic Games, Inc.)
CH2Ep1 (HKLM-x32\...\UDK-a9cfc93b-489d-4dcf-bda6-ef42d613f81b) (Version:  - Epic Games, Inc.)
Craften Terminal 4.1.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.2 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
'Das Achte Weltwunder' (HKLM-x32\...\'Das Achte Weltwunder') (Version:  - )
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version:  - Daedalic Entertainment)
DEVIL MAY CRY 4 BENCHMARK (HKLM-x32\...\{B824BEEF-262B-4B48-9984-D0C6B43C40DD}) (Version: 1.00.000 - CAPCOM CO., LTD.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: 0.2.0.7162 - Blizzard Entertainment)
Divine Divinity (HKLM-x32\...\{9278c4eb-1dfd-44ec-a0bb-3696f36a2767}_is1) (Version: 1.0.7 - )
Divine Divinity (HKLM-x32\...\Divine Divinity) (Version:  - )
Divine Divinity (HKLM-x32\...\Divine Divinity_is1) (Version:  - GOG.com)
Divinity II - Developer's Cut (HKLM-x32\...\CDCE6956-DCDC-4F82-ACA0-E4C7BAD6B26A_is1) (Version: 1.4 - Larian)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
ep2v1.0 (HKLM\...\UDK-c429a1cb-a825-4d9b-9244-6524f32619d2) (Version:  - Epic Games, Inc.)
Ep2v1.3.1 (HKLM\...\UDK-2a05942d-2635-4510-9d16-90851ac5f19d) (Version:  - Epic Games, Inc.)
EP2v1.4 (HKLM\...\UDK-4c647596-6948-492d-bfab-d89ca48f0bd3) (Version:  - Epic Games, Inc.)
Ep3v1.21 (HKLM-x32\...\UDK-8cd56b9e-f402-46df-81d4-78eee2dfccef) (Version:  - Epic Games, Inc.)
EP3v1.4 (HKLM-x32\...\UDK-9be77e23-cec9-4fbf-9d6f-45eb0e6107d0) (Version:  - Epic Games, Inc.)
EP4v1.0 (HKLM-x32\...\UDK-a4faf819-0f87-491e-adfd-7130f6f290df) (Version:  - Epic Games, Inc.)
Ep4v1.1ee (HKLM-x32\...\UDK-26c9a51b-9515-4f59-8e88-c1aca495ebfe) (Version:  - Epic Games, Inc.)
Ep5v1.01 (HKLM-x32\...\UDK-e37a630b-5d78-4674-848a-ddf58d95ca9d) (Version:  - Epic Games, Inc.)
Episode 1 1.0b (HKLM-x32\...\Episode 1 1.0b) (Version: 1.0b - Whorecraft 2)
Episode 1 1.1 (HKLM-x32\...\Episode 1 1.1) (Version: 1.1 - Whorecraft 2)
episode 4 1.1ee (HKLM-x32\...\episode 4 1.1ee) (Version: 1.1ee - Whorecraft)
Episode 5 1.01 (HKLM-x32\...\Episode 5 1.01) (Version: 1.01 - Whorecraft)
Episode1 Demo (HKLM-x32\...\Episode1 Demo) (Version: Demo - Whorecraft 2)
Eryi's Action (HKLM-x32\...\Steam App 261700) (Version:  - Xtal Sword)
Evoland (HKLM-x32\...\Steam App 233470) (Version:  - Shiro Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gajim (HKLM-x32\...\Gajim) (Version: 0.16.3 - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
GIMP 2.6.12 (HKLM\...\GIMP-2_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Historion Version 1.0 (HKLM-x32\...\Historion) (Version:  - )
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
ILLUSION BattleRaper2 (HKLM-x32\...\{32470264-B8B8-408E-A404-73A9DF16B8FE}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JumpJet Rex (HKLM-x32\...\Steam App 329460) (Version:  - TreeFortress Games)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Limbo) (Version:  - )
LINE (HKLM-x32\...\LINE) (Version: 4.5.0.873 - LINE Corporation)
LittleDemo (HKLM\...\UDK-839faa2d-bf16-4951-99bc-21a472f6cb93) (Version:  - Epic Games, Inc.)
LittleDemo (HKLM\...\UDK-9c0cafad-4317-466e-9f0a-7c1b37ff88cd) (Version:  - Epic Games, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mega Man Legacy Collection (HKLM\...\Steam App 363440) (Version:  - Capcom)
Megaman - Revenge of the Fallen (HKLM-x32\...\Megaman - Revenge of the Fallen) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.8 1.00 (HKLM-x32\...\Minecraft 1.8 1.00) (Version:  - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{AF348C2E-7596-481B-92E0-B211836AB949}) (Version: 1.2.4 - Thorvald Natvig)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Pokemon Game Editor (HKLM-x32\...\{D5B7B2BB-6B7E-4AD4-9F2F-7CCF2B48AA58}) (Version: 1.0.0.0 - 0xRH)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Randal's Monday (HKLM-x32\...\Steam App 314810) (Version:  - Nexus Game Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version:  - Frozenbyte)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario Bros. X version 1.3 (HKLM-x32\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.1 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TechnoMage (HKLM-x32\...\TechnoMage) (Version:  - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls Arena (HKLM-x32\...\{62E2BBFA-BE97-42CD-AE89-A4EEF7F36992}) (Version: 1.00.0000 - Bethesda Softworks)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Tobias and the Dark Sceptres (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Tobias and the Dark Sceptres) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V3.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.1 - JAM Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-500ce7d3-b1a2-4d48-9fc2-606f9a0881b8) (Version:  - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-f57ea555-07bd-4398-93bb-8dc4222dc97d) (Version:  - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
Warlords Battlecry II (HKLM-x32\...\Warlords Battlecry II) (Version:  - )
WCEp1FreeDemo (HKLM\...\UDK-a087dcb5-0a4e-4ffb-8159-4eb092e7f2b4) (Version:  - Epic Games, Inc.)
WhoreCraft (HKLM-x32\...\WhoreCraft1.6.1r) (Version: 1.6.1r - DaemiaCo)
Whorecraft (HKLM-x32\...\WhorecraftEpisode1) (Version: Episode1 - AY)
Whorecraft 1.4 (HKLM-x32\...\Whorecraft 1.4) (Version: 1.4 - DC)
WhoreCraft Episode 3 (HKLM-x32\...\WhoreCraft Episode 3v1.3.1) (Version: v1.3.1 - DaemiaCo)
Whorecraft Episode 3 1.21 (HKLM-x32\...\Whorecraft Episode 3 1.21) (Version: 1.21 - DaemiaCo)
Whorecraft v.1.0r (HKLM-x32\...\Whorecraft v.1.0r) (Version: v.1.0r - DC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
X-Change (HKLM-x32\...\X-Change) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
XXXmas (HKLM-x32\...\UDK-3e00fd63-559c-41f4-bae2-51cac0817293) (Version:  - Epic Games, Inc.)
XXXmas 1.0 (HKLM-x32\...\XXXmas 1.0) (Version: 1.0 - DC)
YGOPro DevPro (HKLM-x32\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
YGOPro DevPro Version 1.9.2r2 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0259C9A4-42A1-4223-8237-4EB291D5B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {02BEB1D2-34AA-4F6B-9D89-0CF5D036D26B} - System32\Tasks\{50F1FEFD-11AE-42FC-AB55-11893344A904} => pcalua.exe -a C:\Users\Ozoma\AppData\Roaming\awesomehp\UninstallManager.exe
Task: {06871124-6745-4C44-A4CD-B4AF2148288A} - System32\Tasks\{566421A7-5D4C-49FE-8D1C-4FBD28658795} => pcalua.exe -a "C:\Users\Ozoma\Downloads\World of Warcraft Beta Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {06DB7695-FC2F-4574-9CF9-91B0681EF6E5} - System32\Tasks\{F823224C-61C4-43CC-8B2A-8B74EA5C6255} => pcalua.exe -a "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft Episode 3\Episode 4\Episode 4 Extendet\episode 4\Episode 5\Episode 5\Ep 2 Ch 1\Episode 1\Binaries\UnSetup.exe" -d "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft E (Der Dateneintrag hat 97 mehr Zeichen).
Task: {2F998368-F010-48EB-98DB-DDD32F5F9939} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {319133E1-FFE2-431C-A518-CCDF27B73499} - System32\Tasks\{C24B1FFD-A9C8-4B74-ABB5-E41FFD5932B7} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3905ACF4-C1B0-4A76-899E-539BB34B91F1} - System32\Tasks\{D857609A-6630-4AF6-8166-5D4EF50910E9} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3FC8F15C-78E3-49D6-B1BE-F2A110A0842F} - System32\Tasks\{A2CF9638-445D-49EA-AFF8-6129022B3F25} => pcalua.exe -a C:\Users\Ozoma\Downloads\ExtractAppsMuseum.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {40EF25DD-EC52-49FF-9A38-2D7963BA5798} - System32\Tasks\{26053BC0-EC68-406D-8A20-F73FC9C92A51} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {4790F602-0373-4531-AC19-B7A1FE503282} - System32\Tasks\{993C28E3-6A43-46DD-90DC-D8F20C37B1D8} => pcalua.exe -a C:\Users\Ozoma\Downloads\MassEffect_EFIGS_1.02.exe -d C:\Users\Ozoma\Downloads
Task: {681D2A92-2606-4D0E-AE26-5B5F771D5548} - System32\Tasks\{FD6937A7-3144-47D4-8F68-C7C5C1BEA4DF} => C:\Users\Ozoma\Desktop\rockman4editor.exe
Task: {6B79D072-A49E-4EDE-91BF-6B990CE0E65B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {725A48C2-0E75-4B66-BD18-9DA716A63DFB} - System32\Tasks\{270D9DA6-F298-4E08-837F-B41D9B8274EF} => pcalua.exe -a "C:\Users\Ozoma\Desktop\Movie\Battle Raper II\StartSetup.exe" -d "C:\Users\Ozoma\Desktop\Movie\Battle Raper II"
Task: {93D88F33-7CEA-4CE9-8302-0C6158E94E00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {99638B5C-8334-4597-90E4-EEED74C75A3A} - System32\Tasks\{884D5AAD-8A91-41B2-B3CB-0A9582E487B6} => pcalua.exe -a C:\Users\Ozoma\Downloads\Feuergrun_v3.exe -d C:\Users\Ozoma\Downloads
Task: {9EC6B231-CFB6-4BAC-A4DC-CC81B8942798} - System32\Tasks\{2037B8E8-FB71-47DF-AB06-1ED90DB147B5} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {CF04BBD5-2CDD-41B8-A0BF-33D0CF75387F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {E35BAAEB-E172-4440-9197-932DFCFFF826} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {E8044BD9-F79E-40D0-8D1B-7CD0EA111514} - System32\Tasks\{70ED74C1-E954-450F-9297-AD5012BCA5FF} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)
Task: {F05F58A7-4FCC-4AF9-A825-2271831953A5} - System32\Tasks\{E0D3616E-970D-49EC-B866-F3F1934D07E3} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Full Screen).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Full Screen).bat ()
Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Windowed).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Windowed).bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-04-18 07:46 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-23 18:39 - 2014-04-23 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-03-10 09:20 - 2016-03-10 09:20 - 03783656 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2016-03-09 08:44 - 2016-03-09 08:44 - 00123368 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 07816192 _____ () D:\avcodec-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00188416 _____ () D:\avutil-52.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 01425920 _____ () D:\avformat-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00336896 _____ () D:\swscale-2.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00096256 _____ () D:\swresample-0.dll
2013-03-12 17:10 - 2016-03-11 02:56 - 00783360 _____ () D:\Steam\SDL2.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2014-05-24 16:58 - 2016-03-31 22:55 - 02549840 _____ () D:\Steam\video.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2012-06-01 19:07 - 2016-03-31 22:55 - 00829008 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-16 00:24 - 2016-02-18 00:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2015-12-12 13:23 - 2016-02-23 20:19 - 00034768 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-03-19 22:44 - 2016-02-23 20:20 - 00019408 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-03-19 22:44 - 2016-02-23 20:19 - 00116688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 13:23 - 2016-02-23 20:19 - 00093640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 13:23 - 2016-02-23 20:19 - 00018376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 13:23 - 2016-03-12 02:18 - 00019760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00105928 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-03-19 22:44 - 2016-02-23 20:19 - 00392144 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 13:23 - 2016-03-12 02:18 - 00381752 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 13:23 - 2016-02-23 20:19 - 00692688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00020816 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 13:23 - 2016-02-23 20:20 - 00112592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 01682760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00020808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 13:23 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 13:23 - 2016-03-12 02:18 - 00021840 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00038696 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-03-19 22:44 - 2016-02-23 20:21 - 00020936 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00024528 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00114640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00124880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00021832 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00175560 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00030160 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00043472 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00028616 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00048592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00026456 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00057808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00117056 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00024392 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-03-19 22:44 - 2016-02-23 20:21 - 00036296 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 13:23 - 2016-03-12 02:18 - 00023376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 13:23 - 2016-02-23 20:19 - 00134608 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-03-19 22:44 - 2016-02-23 20:19 - 00134088 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-03-19 22:44 - 2016-02-23 20:20 - 00240584 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00052024 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00021824 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00019776 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00020280 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 13:23 - 2016-02-23 20:21 - 00350152 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-12 06:05 - 2016-03-12 02:18 - 00022352 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00084792 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-03-19 22:44 - 2016-03-12 02:18 - 01826096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 13:23 - 2016-02-23 20:20 - 00083912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\sip.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 03928880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 01971504 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00531248 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00132912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00223544 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00207672 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00158008 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00042808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-03-19 22:44 - 2016-02-23 20:23 - 00017864 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-03-19 22:44 - 2016-02-23 20:23 - 01631184 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-12 13:23 - 2016-03-12 02:18 - 00024904 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00546096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-03-19 22:44 - 2016-03-12 02:18 - 00357680 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-02-23 20:25 - 00697304 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-12 13:23 - 2016-02-23 20:21 - 00060880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32print.pyd
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-04-12 02:21 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 02:21 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-04-14 16:03 - 2016-04-14 16:03 - 00098816 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32api.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00110080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\pywintypes27.dll
2016-04-14 16:03 - 2016-04-14 16:03 - 00364544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\pythoncom27.dll
2016-04-14 16:03 - 2016-04-14 16:03 - 00320512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32com.shell.shell.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00776704 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_hashlib.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 01176576 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._core_.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00806400 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._gdi_.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00816128 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._windows_.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 01067008 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._controls_.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00733184 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._misc_.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00682496 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\pysqlite2._sqlite.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_ctypes.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00119808 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32file.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00108544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32security.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00007168 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\hashobjs_ext.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00017920 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\thumbnails_ext.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\usb_ext.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00167936 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32gui.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00018432 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32event.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00046080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_socket.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 01208320 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_ssl.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00128512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_elementtree.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00127488 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\pyexpat.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00013824 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\common.time34.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00038912 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32inet.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00036864 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_psutil_windows.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00525208 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\windows._lib_cacheinvalidation.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00011264 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32crypt.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00077312 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._html2.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00027136 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_multiprocessing.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00020480 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\_yappi.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00035840 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32process.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00686080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\unicodedata.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00078848 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._animate.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00123392 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\wx._wizard.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00024064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32pipe.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00010240 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\select.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00025600 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32pdh.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00017408 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32profile.pyd
2016-04-14 16:03 - 2016-04-14 16:03 - 00022528 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI26242\win32ts.pyd
2016-02-11 04:24 - 2016-02-11 04:24 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b4aed9b5bac22d4e9008e99e935fe2de\IsdiInterop.ni.dll
2012-04-18 07:50 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-01 19:07 - 2016-02-09 03:33 - 48400672 _____ () D:\Steam\bin\libcef.dll
2016-04-09 04:08 - 2016-04-08 13:53 - 17532096 _____ () C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.216\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-02-01 01:43 - 00001092 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{12BCAF86-026F-4D79-B4CB-F54A5C5FD069}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{35D79B31-52F7-4C66-8824-242DAB794F69}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9AC33360-E476-4DF1-B6FF-DC2E1E2A3023}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D6F4CBE9-9CA2-49AE-A601-7594FADF3428}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6FED2B24-5DF8-470C-9B46-1DD6B7CAAFA1}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [UDP Query User{88DC1B54-418C-4BA7-B994-9C1A073509F3}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{91D7BFCD-E0F7-4C9A-A481-9F8D23329274}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{6FDE4EBE-F8E3-4569-93FC-3A65A7002EAD}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{D67F6548-ABF3-42AE-83E8-671F1F18B7A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96273DE4-0AA6-400E-9193-C67E916231A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{46C88F85-4979-46C9-8E89-2A431DA17E50}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{72FF78B8-6FB4-4104-9154-E63DA3255CD1}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{D7D3ECB6-C2DA-4EAD-8149-E9926BA60CE4}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{5A4E662B-B6AF-4F3F-91A3-4C1A56EECD68}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{06B13E5A-09A2-4156-8030-7587F3AFFA31}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E52E9ABE-879E-490E-B473-F8071B2EA36C}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A5945085-1658-436E-BB5C-1642F814F426}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{36849597-7C77-4BCF-ABB9-DBCDBA5DD80F}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{123B4B38-7616-4544-BD17-5FCE56B86229}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{9DE815F7-CB0A-4E76-948E-BC984D0456EC}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{D8C2CFEA-DBAF-468C-8323-A3C620307C0A}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{CCF86D0F-F295-4D81-8A8C-24D5383DD843}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{ADF262A4-F152-4A7A-A1F3-BC67EF90FCFE}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EE276A8C-E103-4A7E-A598-7B5B498C1F3A}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2B57D2AF-F51D-4E34-9C4E-2340D1FF29E7}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{B287D3DD-8894-4E38-A16E-C4B38089E966}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{0DCF3467-3968-4C5E-8365-C78585C7296E}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{ECD6E97C-1BF3-4105-90D9-BC56EC43EB98}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{70CCCD99-0C40-43E0-BB33-391D0DFA6260}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B91ED630-6026-4DB8-869B-E10FBA356BA5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{361F98C8-347C-444F-8CFD-F9756BC7F46A}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{AE4D9F5D-3F57-4934-ADA4-74889EE7DDC7}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{B167036C-DF2D-40A3-B595-FBAB072F35F3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{D945BF41-5788-401D-86E4-63E10B3B83C3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{15C72BF8-BB7D-4F6F-B1CD-79995E7827A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA960B7C-7352-492A-B9F5-F306B08A64ED}] => (Allow) D:\Dark Souls\DARKSOULS.exe
FirewallRules: [{7FE6573C-DD47-4D23-A757-5FF2FCCD4FE0}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{C25C4687-EADB-4E34-BFE7-0AB01D1FF95B}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{5D8278A6-EE9B-4C14-B15D-3BFBE46022EF}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{25CF85FD-17BA-44EF-8446-E7981CFC3207}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{32425C71-EF17-4DD7-BC2E-B43D5CDA0059}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{9B871024-68B6-4695-992B-3F110050DBA2}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{FCC3B80C-4DD8-4137-A5F4-0D7617D2088F}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{BC4F37AB-03F0-4692-B760-0A76F4D3FAC2}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{6FD6BD2E-0222-472F-9EF9-91224BFE1702}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{89028B63-0A48-428C-824A-1C00EAEC7177}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{459AA8BD-B418-4857-B8DE-4FB3EB3AF524}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{77532795-B254-4C80-82BA-0F0F46A1CEFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FADAFDAE-22DE-4336-B0B3-9BB66593F64F}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{AAFF26F7-C12A-4526-944A-71A92FFC9A21}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{3C697C97-05AC-485D-912C-70B25E76D3ED}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{51BC7BC6-9D5F-4F9F-ABF0-5CAD0ECF48B6}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{6B4E35C2-D801-40C3-8FFE-502F743BBFD1}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{A8FCE93C-6060-4798-BCE7-BE97CCFF4811}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{B2D28569-F65F-40A6-8394-EDF6AEC80F82}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{78642F73-D7A5-42F7-BCB1-8E79D31243E8}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B1EFE2D4-EACF-4AE2-9008-3EE77A42ED6F}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{CF356B63-1F07-4832-A569-C09796E9566D}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{AA3F5F98-A398-4E08-8A50-D7EC8DD49A71}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{C69F490D-96BF-4F3C-9188-B7B4A3EA7626}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7EA11C7F-D7A2-4F87-9762-0BABBBA3C7A7}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{B3F9FD12-292E-4F80-A8E2-3821743810EA}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{7288DB20-ABEE-44BD-AD93-3A8322D8162B}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{6DEB1122-6E51-43A7-939E-D5E3831037DA}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{DC6FB158-45CF-4E50-B06A-EC714C644166}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88DEA666-AE6F-4E51-8940-11D7846B67FF}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{CB356A17-87B7-4154-8925-2199E0747334}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{36B263EF-1BCD-4A5E-8420-8561B836780F}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{139E4B83-2071-41BC-A9F5-F574A57684D3}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{36E847EF-6931-4BE3-AE33-3621DCD1C47D}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{2F7A42E6-EAFA-47F9-BA05-7635BDE3C8AC}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9B792092-A861-4804-8425-DFCBA647A269}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{0D117CE4-6B58-44A8-971C-1F1F9E62932B}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{E55A13E6-4996-4EB3-AD00-BD14577C9E21}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{33F70723-3458-4C23-AC31-51F8008A400C}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{51CAAD20-5440-4035-BDC4-CDCAB09449BD}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FE21AF79-3F6D-4C84-9449-B6067E541B40}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2956F1C-0919-4984-921C-1D2651A8272E}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FFDA709F-FF01-40AB-8A49-7F2689D33DF3}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{491A2393-0566-4F64-903D-06BB3B2AFE91}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{35F0D035-1C1F-43A5-8A18-D407DFF43306}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C18CDF3-B98C-40D5-8E86-783278537FC6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CDED3B7-E0DE-459B-9B38-67DFBA9D943E}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{A7BBB621-BF35-4E75-AA1C-78E5BDD944D3}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E79E8A91-623E-4E53-B7C3-020DCE1DE596}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B993B00D-8C93-49D4-B20E-1AA0D4ACCB1A}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{DC0A7A2F-0F18-4079-95A7-900D9D47DC3C}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{8AEB1854-2BE6-475C-802C-01A4612F25F5}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{6D729FEC-4139-4541-8AAF-FA39D8D66E81}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{52908677-2F43-4D78-8902-611FBE5F45B2}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7CA2E376-5769-48BA-81F1-B7D10E72D755}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{D81242EC-C1A1-4D0A-8485-6FB7F9E6D8D7}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{B3B8A8CC-5EDE-4663-A687-23C5D693079D}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{88A39CC7-B2A9-4A7B-A2CC-F14644CF5809}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DAE77B98-5F31-48A6-816B-F8F3473F255F}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{D167603E-C593-404A-9FA0-476731A5E8D0}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{9418CE79-B3CE-44D1-99EA-5AB693A10778}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{A8645C68-21A9-4028-AEC9-E0E7A69FC6A6}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{4BA08073-F055-4B84-864C-73D4D5A2DAC8}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{65956AE4-3B7B-4FFE-B49B-4EEBB7CB20A5}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{CEF56466-0BEF-45AE-B2BF-7B5DFBE76B85}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{74643DA6-1395-4F24-BCF7-08BCEFDEAD34}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{12345CB9-3991-42C4-8695-EF0361765324}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{200DF5BA-9BC6-41DB-847B-F5D066F8E6E4}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{82849538-B76F-4078-97FF-84A7DBDE9FE5}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{FBEB70FB-EB9D-447C-99E4-5A858EE7DBAC}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{260094C4-E25C-48DB-B600-969C13A3BF94}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{1E1D6D1B-2FF5-4736-A97F-01201A615A47}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{352D8576-CCE3-4CCB-AD3E-988CACCC708F}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{7F231965-A7AD-4DD0-BEFB-9941550872E2}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{EBDDB44E-D1B1-4DB7-81BA-154717E0EB1F}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{1D05E884-F937-476C-80D9-34D966EF5016}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{3E0B5641-3EFE-4895-A899-4473E23CC0F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3568560B-BA94-4639-B4AF-55ACA497AF15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4B15F25-8A41-49C5-A765-2E94E9AC2262}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2D53A10C-24BF-43B9-BC16-CD7E2E3B61E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1CCAD41F-3DB4-43AD-8688-542E6C187FFC}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{6C74F922-9979-4610-85F1-1DA912961A59}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{D0C17A1C-D02D-4698-A2AC-37C1D6DA30FD}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{26C73AAF-915D-4E5D-826A-FAE0FED6EB0A}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{22993591-EFC0-4658-87BA-031496CE8A60}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{17C49006-F6BE-43FF-9E07-42E6AA7917E7}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{66B552DD-7DEA-4CF9-9C9C-B434CCE59CFD}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{A76E07E4-213B-4859-8CE8-FA95EEB37380}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{9A80CE41-8882-4D91-87F0-A4BB59D11872}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

05-04-2016 21:16:58 Windows Update
12-04-2016 16:51:32 Windows Update
14-04-2016 03:00:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/14/2016 04:04:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 04:03:25 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-14T16:03:25.586+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/14/2016 03:31:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 03:31:31 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-14T03:31:31.312+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/13/2016 04:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Name des fehlerhaften Moduls: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002d0065
ID des fehlerhaften Prozesses: 0xcdc
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (04/13/2016 04:14:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2016 04:12:52 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-13T16:12:52.695+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/12/2016 04:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x12d8e138
ID des fehlerhaften Prozesses: 0xcb0
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (04/12/2016 04:44:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2016 04:43:49 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-12T16:43:49.104+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0


Systemfehler:
=============
Error: (04/14/2016 10:35:32 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:35:32 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:35:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:35:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:34:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:34:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:25:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:25:28 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:01:56 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/14/2016 10:01:56 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


CodeIntegrity:
===================================
  Date: 2014-10-24 17:52:39.703
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.625
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.585
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.434
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.395
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.356
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.681
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.634
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 89%
Installierter physikalischer RAM: 8154.34 MB
Verfügbarer physikalischer RAM: 859.34 MB
Summe virtueller Speicher: 17534.2 MB
Verfügbarer virtueller Speicher: 2884.29 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:17.18 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:151.32 GB) NTFS
Drive e: (HP7_DEATHLY_HALLOWS_PART_2) (CDROM) (Total:6.78 GB) (Free:0 GB) UDF
Drive f: (Volume) (Fixed) (Total:1397.14 GB) (Free:132.16 GB) NTFS
Drive g: (BFII) (CDROM) (Total:3.02 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F0EA4416)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Heradi · 14.04.2016, 21:59

TDSSKiller

Code:

ATTFilter

22:48:31.0990 0x2ce0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:48:48.0365 0x2ce0  ============================================================
22:48:48.0365 0x2ce0  Current date / time: 2016/04/14 22:48:48.0365
22:48:48.0365 0x2ce0  SystemInfo:
22:48:48.0365 0x2ce0  
22:48:48.0365 0x2ce0  OS Version: 6.1.7601 ServicePack: 1.0
22:48:48.0365 0x2ce0  Product type: Workstation
22:48:48.0365 0x2ce0  ComputerName: OZOMA-PC
22:48:48.0365 0x2ce0  UserName: Ozoma
22:48:48.0365 0x2ce0  Windows directory: C:\Windows
22:48:48.0365 0x2ce0  System windows directory: C:\Windows
22:48:48.0365 0x2ce0  Running under WOW64
22:48:48.0365 0x2ce0  Processor architecture: Intel x64
22:48:48.0365 0x2ce0  Number of processors: 8
22:48:48.0365 0x2ce0  Page size: 0x1000
22:48:48.0365 0x2ce0  Boot type: Normal boot
22:48:48.0365 0x2ce0  ============================================================
22:48:49.0111 0x2ce0  KLMD registered as C:\Windows\system32\drivers\76634561.sys
22:48:49.0391 0x2ce0  System UUID: {6FBAAC47-3A8B-B90D-D76A-D1F239B60147}
22:48:49.0879 0x2ce0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:48:49.0889 0x2ce0  Drive \Device\Harddisk1\DR1 - Size: 0x15D50F60000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:48:49.0889 0x2ce0  ============================================================
22:48:49.0889 0x2ce0  \Device\Harddisk0\DR0:
22:48:49.0889 0x2ce0  MBR partitions:
22:48:49.0889 0x2ce0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x13FFF800
22:48:49.0889 0x2ce0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14000000, BlocksNum 0x60706000
22:48:49.0889 0x2ce0  \Device\Harddisk1\DR1:
22:48:49.0889 0x2ce0  GPT partitions:
22:48:49.0889 0x2ce0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FA445146-AFE0-4026-AD0A-C42489024885}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
22:48:49.0889 0x2ce0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {F9FDBABB-E16E-4A7C-83BF-CC2EDC28BCB2}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0xAEA47000
22:48:49.0889 0x2ce0  MBR partitions:
22:48:49.0889 0x2ce0  ============================================================
22:48:49.0949 0x2ce0  C: <-> \Device\Harddisk0\DR0\Partition1
22:48:50.0012 0x2ce0  D: <-> \Device\Harddisk0\DR0\Partition2
22:48:50.0056 0x2ce0  F: <-> \Device\Harddisk1\DR1\Partition2
22:48:50.0076 0x2ce0  ============================================================
22:48:50.0076 0x2ce0  Initialize success
22:48:50.0076 0x2ce0  ============================================================
22:49:23.0806 0x1d6c  ============================================================
22:49:23.0806 0x1d6c  Scan started
22:49:23.0806 0x1d6c  Mode: Manual; SigCheck; TDLFS; 
22:49:23.0806 0x1d6c  ============================================================
22:49:23.0806 0x1d6c  KSN ping started
22:49:37.0273 0x1d6c  KSN ping finished: true
22:49:38.0605 0x1d6c  ================ Scan system memory ========================
22:49:38.0605 0x1d6c  System memory - ok
22:49:38.0606 0x1d6c  ================ Scan services =============================
22:49:38.0691 0x1d6c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:49:38.0908 0x1d6c  1394ohci - ok
22:49:38.0938 0x1d6c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:49:38.0958 0x1d6c  ACPI - ok
22:49:38.0978 0x1d6c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:49:38.0994 0x1d6c  AcpiPmi - ok
22:49:39.0047 0x1d6c  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:49:39.0057 0x1d6c  AdobeFlashPlayerUpdateSvc - ok
22:49:39.0087 0x1d6c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:49:39.0107 0x1d6c  adp94xx - ok
22:49:39.0137 0x1d6c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:49:39.0157 0x1d6c  adpahci - ok
22:49:39.0167 0x1d6c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:49:39.0177 0x1d6c  adpu320 - ok
22:49:39.0227 0x1d6c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:49:39.0237 0x1d6c  AeLookupSvc - ok
22:49:39.0287 0x1d6c  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
22:49:39.0327 0x1d6c  AFD - ok
22:49:39.0347 0x1d6c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:49:39.0347 0x1d6c  agp440 - ok
22:49:39.0377 0x1d6c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:49:39.0387 0x1d6c  ALG - ok
22:49:39.0397 0x1d6c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:49:39.0397 0x1d6c  aliide - ok
22:49:39.0407 0x1d6c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:49:39.0417 0x1d6c  amdide - ok
22:49:39.0427 0x1d6c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:49:39.0437 0x1d6c  AmdK8 - ok
22:49:39.0467 0x1d6c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:49:39.0477 0x1d6c  AmdPPM - ok
22:49:39.0507 0x1d6c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:49:39.0517 0x1d6c  amdsata - ok
22:49:39.0547 0x1d6c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:49:39.0567 0x1d6c  amdsbs - ok
22:49:39.0587 0x1d6c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:49:39.0597 0x1d6c  amdxata - ok
22:49:39.0637 0x1d6c  [ A9FB80B0BBA6F765F4E691B7AD4963A7, 06BC740AF47ACECEE3707C433357F872EA0D9F2CA1B9FC2489FA3B421A262EF0 ] AppID           C:\Windows\system32\drivers\appid.sys
22:49:39.0647 0x1d6c  AppID - ok
22:49:39.0677 0x1d6c  [ C47B6624AF9AEE4146743DCB133A159D, 10D1E6C9F972C3A8CC304F38B0A52818A78D70B4AF71F6E22CE1773397FC2AB4 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:49:39.0687 0x1d6c  AppIDSvc - ok
22:49:39.0717 0x1d6c  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
22:49:39.0727 0x1d6c  Appinfo - ok
22:49:39.0747 0x1d6c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:49:39.0757 0x1d6c  arc - ok
22:49:39.0797 0x1d6c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:49:39.0807 0x1d6c  arcsas - ok
22:49:39.0897 0x1d6c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:49:39.0947 0x1d6c  aspnet_state - ok
22:49:39.0977 0x1d6c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:49:40.0035 0x1d6c  AsyncMac - ok
22:49:40.0057 0x1d6c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:49:40.0067 0x1d6c  atapi - ok
22:49:40.0107 0x1d6c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:49:40.0127 0x1d6c  AudioEndpointBuilder - ok
22:49:40.0147 0x1d6c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:49:40.0167 0x1d6c  AudioSrv - ok
22:49:40.0197 0x1d6c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:49:40.0207 0x1d6c  AxInstSV - ok
22:49:40.0303 0x1d6c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:49:40.0334 0x1d6c  b06bdrv - ok
22:49:40.0374 0x1d6c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:49:40.0384 0x1d6c  b57nd60a - ok
22:49:40.0419 0x1d6c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:49:40.0428 0x1d6c  BDESVC - ok
22:49:40.0437 0x1d6c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:49:40.0477 0x1d6c  Beep - ok
22:49:40.0549 0x1d6c  [ B1359701847FF1FF415FA083F1610F48, 991F995B9CF614549F5F7EB5C5B2D47F34EFF0F47B35C4BF4CE716666B9DA1D3 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
22:49:40.0559 0x1d6c  BEService - detected UnsignedFile.Multi.Generic ( 1 )
22:49:42.0947 0x1d6c  Detect skipped due to KSN trusted
22:49:42.0947 0x1d6c  BEService - ok
22:49:43.0010 0x1d6c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:49:43.0030 0x1d6c  BFE - ok
22:49:43.0060 0x1d6c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
22:49:43.0100 0x1d6c  BITS - ok
22:49:43.0116 0x1d6c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:49:43.0120 0x1d6c  blbdrive - ok
22:49:43.0130 0x1d6c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:49:43.0140 0x1d6c  bowser - ok
22:49:43.0150 0x1d6c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:49:43.0160 0x1d6c  BrFiltLo - ok
22:49:43.0170 0x1d6c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:49:43.0180 0x1d6c  BrFiltUp - ok
22:49:43.0190 0x1d6c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
22:49:43.0217 0x1d6c  BridgeMP - ok
22:49:43.0251 0x1d6c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:49:43.0271 0x1d6c  Browser - ok
22:49:43.0304 0x1d6c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:49:43.0323 0x1d6c  Brserid - ok
22:49:43.0347 0x1d6c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:49:43.0357 0x1d6c  BrSerWdm - ok
22:49:43.0367 0x1d6c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:49:43.0377 0x1d6c  BrUsbMdm - ok
22:49:43.0412 0x1d6c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:49:43.0421 0x1d6c  BrUsbSer - ok
22:49:43.0441 0x1d6c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:49:43.0461 0x1d6c  BTHMODEM - ok
22:49:43.0503 0x1d6c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:49:43.0537 0x1d6c  bthserv - ok
22:49:43.0537 0x1d6c  catchme - ok
22:49:43.0557 0x1d6c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:49:43.0587 0x1d6c  cdfs - ok
22:49:43.0604 0x1d6c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:49:43.0614 0x1d6c  cdrom - ok
22:49:43.0618 0x1d6c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:49:43.0637 0x1d6c  CertPropSvc - ok
22:49:43.0657 0x1d6c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:49:43.0667 0x1d6c  circlass - ok
22:49:43.0711 0x1d6c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:49:43.0720 0x1d6c  CLFS - ok
22:49:43.0780 0x1d6c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:49:43.0800 0x1d6c  clr_optimization_v2.0.50727_32 - ok
22:49:43.0831 0x1d6c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:49:43.0851 0x1d6c  clr_optimization_v2.0.50727_64 - ok
22:49:43.0907 0x1d6c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:49:44.0073 0x1d6c  clr_optimization_v4.0.30319_32 - ok
22:49:44.0083 0x1d6c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:49:44.0130 0x1d6c  clr_optimization_v4.0.30319_64 - ok
22:49:44.0160 0x1d6c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:49:44.0170 0x1d6c  CmBatt - ok
22:49:44.0200 0x1d6c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:49:44.0215 0x1d6c  cmdide - ok
22:49:44.0267 0x1d6c  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:49:44.0311 0x1d6c  CNG - ok
22:49:44.0326 0x1d6c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:49:44.0332 0x1d6c  Compbatt - ok
22:49:44.0347 0x1d6c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:49:44.0357 0x1d6c  CompositeBus - ok
22:49:44.0367 0x1d6c  COMSysApp - ok
22:49:44.0377 0x1d6c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:49:44.0387 0x1d6c  crcdisk - ok
22:49:44.0417 0x1d6c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:49:44.0427 0x1d6c  CryptSvc - ok
22:49:44.0457 0x1d6c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:49:44.0487 0x1d6c  DcomLaunch - ok
22:49:44.0507 0x1d6c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:49:44.0537 0x1d6c  defragsvc - ok
22:49:44.0567 0x1d6c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:49:44.0587 0x1d6c  DfsC - ok
22:49:44.0627 0x1d6c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:49:44.0647 0x1d6c  Dhcp - ok
22:49:44.0746 0x1d6c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:49:44.0816 0x1d6c  DiagTrack - ok
22:49:44.0816 0x1d6c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:49:44.0846 0x1d6c  discache - ok
22:49:44.0856 0x1d6c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:49:44.0866 0x1d6c  Disk - ok
22:49:44.0876 0x1d6c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:49:44.0886 0x1d6c  Dnscache - ok
22:49:44.0906 0x1d6c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:49:44.0936 0x1d6c  dot3svc - ok
22:49:44.0956 0x1d6c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:49:44.0976 0x1d6c  DPS - ok
22:49:45.0007 0x1d6c  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:49:45.0037 0x1d6c  drmkaud - ok
22:49:45.0058 0x1d6c  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:49:45.0138 0x1d6c  dtsoftbus01 - ok
22:49:45.0188 0x1d6c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:49:45.0218 0x1d6c  DXGKrnl - ok
22:49:45.0238 0x1d6c  [ A6DB3A7828B456A574243066E2E77D8C, 852F14E5FD77A47BF901E0A27F6D21BD9236275135C33ABB30589D0346341179 ] E100B           C:\Windows\system32\DRIVERS\efe5b32e.sys
22:49:45.0248 0x1d6c  E100B - ok
22:49:45.0268 0x1d6c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:49:45.0298 0x1d6c  EapHost - ok
22:49:45.0398 0x1d6c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:49:45.0508 0x1d6c  ebdrv - ok
22:49:45.0518 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] EFS             C:\Windows\System32\lsass.exe
22:49:45.0538 0x1d6c  EFS - ok
22:49:45.0580 0x1d6c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:49:45.0601 0x1d6c  ehRecvr - ok
22:49:45.0611 0x1d6c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:49:45.0621 0x1d6c  ehSched - ok
22:49:45.0641 0x1d6c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:49:45.0661 0x1d6c  elxstor - ok
22:49:45.0671 0x1d6c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:49:45.0688 0x1d6c  ErrDev - ok
22:49:45.0708 0x1d6c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:49:45.0748 0x1d6c  EventSystem - ok
22:49:45.0758 0x1d6c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:49:45.0788 0x1d6c  exfat - ok
22:49:45.0798 0x1d6c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:49:45.0820 0x1d6c  fastfat - ok
22:49:45.0850 0x1d6c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:49:45.0880 0x1d6c  Fax - ok
22:49:45.0918 0x1d6c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:49:45.0926 0x1d6c  fdc - ok
22:49:45.0947 0x1d6c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:49:45.0967 0x1d6c  fdPHost - ok
22:49:45.0977 0x1d6c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:49:46.0024 0x1d6c  FDResPub - ok
22:49:46.0032 0x1d6c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:49:46.0040 0x1d6c  FileInfo - ok
22:49:46.0050 0x1d6c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:49:46.0073 0x1d6c  Filetrace - ok
22:49:46.0083 0x1d6c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:49:46.0093 0x1d6c  flpydisk - ok
22:49:46.0113 0x1d6c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:49:46.0123 0x1d6c  FltMgr - ok
22:49:46.0203 0x1d6c  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
22:49:46.0253 0x1d6c  FontCache - ok
22:49:46.0293 0x1d6c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:49:46.0313 0x1d6c  FontCache3.0.0.0 - ok
22:49:46.0323 0x1d6c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:49:46.0333 0x1d6c  FsDepends - ok
22:49:46.0343 0x1d6c  [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
22:49:46.0353 0x1d6c  fssfltr - ok
22:49:46.0433 0x1d6c  [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:49:46.0483 0x1d6c  fsssvc - ok
22:49:46.0523 0x1d6c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:49:46.0523 0x1d6c  Fs_Rec - ok
22:49:46.0553 0x1d6c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:49:46.0563 0x1d6c  fvevol - ok
22:49:46.0583 0x1d6c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:49:46.0601 0x1d6c  gagp30kx - ok
22:49:46.0633 0x1d6c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:49:46.0673 0x1d6c  gpsvc - ok
22:49:46.0733 0x1d6c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:49:46.0743 0x1d6c  gupdate - ok
22:49:46.0753 0x1d6c  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:49:46.0763 0x1d6c  gupdatem - ok
22:49:46.0783 0x1d6c  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
22:49:46.0793 0x1d6c  hamachi - ok
22:49:46.0958 0x1d6c  [ BDC536D4D5280451E12842DEAF7717E5, 7103AC074E2DD1B90FD88DF24E6503E7A6643768A5E43933AA995BE58EE5541E ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
22:49:47.0041 0x1d6c  Hamachi2Svc - ok
22:49:47.0069 0x1d6c  [ 6E02DDFFA0E8C069A92A0888B0CB8415, 44816EA24121AD0C9EB8048BED9250D7992CD0C0ABA69C3269A633D48297B7A7 ] hcmon           C:\Windows\system32\drivers\hcmon.sys
22:49:47.0072 0x1d6c  hcmon - ok
22:49:47.0092 0x1d6c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:49:47.0102 0x1d6c  hcw85cir - ok
22:49:47.0132 0x1d6c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
22:49:47.0142 0x1d6c  HDAudBus - ok
22:49:47.0162 0x1d6c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:49:47.0162 0x1d6c  HidBatt - ok
22:49:47.0182 0x1d6c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:49:47.0192 0x1d6c  HidBth - ok
22:49:47.0212 0x1d6c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:49:47.0222 0x1d6c  HidIr - ok
22:49:47.0242 0x1d6c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
22:49:47.0264 0x1d6c  hidserv - ok
22:49:47.0304 0x1d6c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:49:47.0324 0x1d6c  HidUsb - ok
22:49:47.0334 0x1d6c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:49:47.0374 0x1d6c  hkmsvc - ok
22:49:47.0384 0x1d6c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:49:47.0416 0x1d6c  HomeGroupListener - ok
22:49:47.0436 0x1d6c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:49:47.0447 0x1d6c  HomeGroupProvider - ok
22:49:47.0457 0x1d6c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:49:47.0467 0x1d6c  HpSAMD - ok
22:49:47.0487 0x1d6c  [ BB27565DA23F7A60841FDE267B35F72B, 7E5D65283163EAE9C282AB82F57F0E138C2C160B919C29B70C1701C4AAFD4D48 ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
22:49:47.0497 0x1d6c  HssDRV6 - ok
22:49:47.0560 0x1d6c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:49:47.0590 0x1d6c  HTTP - ok
22:49:47.0600 0x1d6c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:49:47.0616 0x1d6c  hwpolicy - ok
22:49:47.0634 0x1d6c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:49:47.0637 0x1d6c  i8042prt - ok
22:49:47.0667 0x1d6c  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:49:47.0687 0x1d6c  iaStor - ok
22:49:47.0730 0x1d6c  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:49:47.0730 0x1d6c  IAStorDataMgrSvc - ok
22:49:47.0750 0x1d6c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:49:47.0770 0x1d6c  iaStorV - ok
22:49:47.0815 0x1d6c  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:49:47.0819 0x1d6c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:49:50.0189 0x1d6c  Detect skipped due to KSN trusted
22:49:50.0189 0x1d6c  IDriverT - ok
22:49:50.0279 0x1d6c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:49:50.0299 0x1d6c  idsvc - ok
22:49:50.0319 0x1d6c  IEEtwCollectorService - ok
22:49:50.0329 0x1d6c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:49:50.0339 0x1d6c  iirsp - ok
22:49:50.0409 0x1d6c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:49:50.0429 0x1d6c  IKEEXT - ok
22:49:50.0451 0x1d6c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:49:50.0454 0x1d6c  intelide - ok
22:49:50.0474 0x1d6c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
22:49:50.0484 0x1d6c  intelppm - ok
22:49:50.0494 0x1d6c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:49:50.0524 0x1d6c  IPBusEnum - ok
22:49:50.0534 0x1d6c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:49:50.0564 0x1d6c  IpFilterDriver - ok
22:49:50.0604 0x1d6c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] IpHlpSvc        C:\Windows\System32\iphlpsvc.dll
22:49:50.0624 0x1d6c  IpHlpSvc - ok
22:49:50.0634 0x1d6c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:49:50.0644 0x1d6c  IPMIDRV - ok
22:49:50.0664 0x1d6c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:49:50.0684 0x1d6c  IPNAT - ok
22:49:50.0704 0x1d6c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:49:50.0714 0x1d6c  IRENUM - ok
22:49:50.0724 0x1d6c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:49:50.0734 0x1d6c  isapnp - ok
22:49:50.0764 0x1d6c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:49:50.0774 0x1d6c  iScsiPrt - ok
22:49:50.0794 0x1d6c  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
22:49:50.0814 0x1d6c  iusb3hub - ok
22:49:50.0834 0x1d6c  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
22:49:50.0854 0x1d6c  iusb3xhc - ok
22:49:50.0864 0x1d6c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:49:50.0874 0x1d6c  kbdclass - ok
22:49:50.0884 0x1d6c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:49:50.0894 0x1d6c  kbdhid - ok
22:49:50.0904 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] KeyIso          C:\Windows\system32\lsass.exe
22:49:50.0924 0x1d6c  KeyIso - ok
22:49:50.0944 0x1d6c  [ B6C2FA7F5E5BC1A488A57C6344D29D64, 857245D664CF9ED8121E2087D73F85DA3FED721484DDC6B51AF6A344EC29A27F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:49:50.0964 0x1d6c  KSecDD - ok
22:49:50.0974 0x1d6c  [ FB4397DDCC732DB6A7B33B747C7EB708, AD8B9500AAE12C1507B982B74B86731BE75AFAC7F64538332A380AC43EDEC271 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:49:50.0994 0x1d6c  KSecPkg - ok
22:49:51.0001 0x1d6c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:49:51.0046 0x1d6c  ksthunk - ok
22:49:51.0070 0x1d6c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:49:51.0110 0x1d6c  KtmRm - ok
22:49:51.0140 0x1d6c  [ B8040D3B97B16B89701E31A17353856C, 41690ACB26536B0AA1CC3B5388F824C9C1CD9648957C8488BAE5F3D57BEE3D85 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
22:49:51.0150 0x1d6c  L1C - ok
22:49:51.0170 0x1d6c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
22:49:51.0200 0x1d6c  LanmanServer - ok
22:49:51.0220 0x1d6c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:49:51.0240 0x1d6c  LanmanWorkstation - ok
22:49:51.0250 0x1d6c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:49:51.0280 0x1d6c  lltdio - ok
22:49:51.0310 0x1d6c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:49:51.0340 0x1d6c  lltdsvc - ok
22:49:51.0360 0x1d6c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:49:51.0380 0x1d6c  lmhosts - ok
22:49:51.0450 0x1d6c  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
22:49:51.0470 0x1d6c  LMIGuardianSvc - ok
22:49:51.0490 0x1d6c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:49:51.0500 0x1d6c  LSI_FC - ok
22:49:51.0510 0x1d6c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:49:51.0520 0x1d6c  LSI_SAS - ok
22:49:51.0540 0x1d6c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:49:51.0540 0x1d6c  LSI_SAS2 - ok
22:49:51.0560 0x1d6c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:49:51.0570 0x1d6c  LSI_SCSI - ok
22:49:51.0580 0x1d6c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:49:51.0610 0x1d6c  luafv - ok
22:49:51.0630 0x1d6c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:49:51.0640 0x1d6c  Mcx2Svc - ok
22:49:51.0650 0x1d6c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:49:51.0660 0x1d6c  megasas - ok
22:49:51.0680 0x1d6c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:49:51.0690 0x1d6c  MegaSR - ok
22:49:51.0710 0x1d6c  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
22:49:51.0720 0x1d6c  MEIx64 - ok
22:49:51.0730 0x1d6c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:49:51.0760 0x1d6c  MMCSS - ok
22:49:51.0770 0x1d6c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:49:51.0790 0x1d6c  Modem - ok
22:49:51.0800 0x1d6c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:49:51.0820 0x1d6c  monitor - ok
22:49:51.0830 0x1d6c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:49:51.0840 0x1d6c  mouclass - ok
22:49:51.0850 0x1d6c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:49:51.0860 0x1d6c  mouhid - ok
22:49:51.0890 0x1d6c  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:49:51.0900 0x1d6c  mountmgr - ok
22:49:51.0920 0x1d6c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:49:51.0930 0x1d6c  mpio - ok
22:49:51.0950 0x1d6c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:49:51.0979 0x1d6c  mpsdrv - ok
22:49:52.0014 0x1d6c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:49:52.0059 0x1d6c  MpsSvc - ok
22:49:52.0099 0x1d6c  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:49:52.0119 0x1d6c  MRxDAV - ok
22:49:52.0149 0x1d6c  [ ACEC16415275E1AD6F7983EF472810E3, E5017E157954F6C21AA66233FF2C1A6B1FF3E4685F26648A8A21F2B9718DD97C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:49:52.0169 0x1d6c  mrxsmb - ok
22:49:52.0209 0x1d6c  [ 0F276F2F2018296FABC7BD2BCCAAB40B, 378A36F7282EE9FFEC8A1D5783ECD0A428E0215B1774AAA166C5AA09B3C636F7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:49:52.0229 0x1d6c  mrxsmb10 - ok
22:49:52.0249 0x1d6c  [ 1D4B7972375052F5B7877A6FD9BE33A0, B3FD235F6FE975F1869436ED1215913F0E8EB1123BB252FD221C35AB1121C3F5 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:49:52.0259 0x1d6c  mrxsmb20 - ok
22:49:52.0279 0x1d6c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:49:52.0289 0x1d6c  msahci - ok
22:49:52.0299 0x1d6c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:49:52.0309 0x1d6c  msdsm - ok
22:49:52.0329 0x1d6c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:49:52.0339 0x1d6c  MSDTC - ok
22:49:52.0349 0x1d6c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:49:52.0389 0x1d6c  Msfs - ok
22:49:52.0399 0x1d6c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:49:52.0429 0x1d6c  mshidkmdf - ok
22:49:52.0449 0x1d6c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:49:52.0449 0x1d6c  msisadrv - ok
22:49:52.0469 0x1d6c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:49:52.0499 0x1d6c  MSiSCSI - ok
22:49:52.0499 0x1d6c  msiserver - ok
22:49:52.0509 0x1d6c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:49:52.0529 0x1d6c  MSKSSRV - ok
22:49:52.0539 0x1d6c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:49:52.0569 0x1d6c  MSPCLOCK - ok
22:49:52.0569 0x1d6c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:49:52.0589 0x1d6c  MSPQM - ok
22:49:52.0619 0x1d6c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:49:52.0629 0x1d6c  MsRPC - ok
22:49:52.0649 0x1d6c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:49:52.0659 0x1d6c  mssmbios - ok
22:49:52.0659 0x1d6c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:49:52.0689 0x1d6c  MSTEE - ok
22:49:52.0699 0x1d6c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:49:52.0699 0x1d6c  MTConfig - ok
22:49:52.0709 0x1d6c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:49:52.0719 0x1d6c  Mup - ok
22:49:52.0749 0x1d6c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:49:52.0789 0x1d6c  napagent - ok
22:49:52.0809 0x1d6c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:49:52.0819 0x1d6c  NativeWifiP - ok
22:49:52.0910 0x1d6c  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:49:52.0937 0x1d6c  NDIS - ok
22:49:53.0015 0x1d6c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:49:53.0042 0x1d6c  NdisCap - ok
22:49:53.0052 0x1d6c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:49:53.0072 0x1d6c  NdisTapi - ok
22:49:53.0082 0x1d6c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:49:53.0113 0x1d6c  Ndisuio - ok
22:49:53.0129 0x1d6c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:49:53.0147 0x1d6c  NdisWan - ok
22:49:53.0157 0x1d6c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:49:53.0197 0x1d6c  NDProxy - ok
22:49:53.0216 0x1d6c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:49:53.0240 0x1d6c  NetBIOS - ok
22:49:53.0250 0x1d6c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:49:53.0280 0x1d6c  NetBT - ok
22:49:53.0280 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] Netlogon        C:\Windows\system32\lsass.exe
22:49:53.0290 0x1d6c  Netlogon - ok
22:49:53.0327 0x1d6c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:49:53.0357 0x1d6c  Netman - ok
22:49:53.0387 0x1d6c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:53.0430 0x1d6c  NetMsmqActivator - ok
22:49:53.0430 0x1d6c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:53.0440 0x1d6c  NetPipeActivator - ok
22:49:53.0470 0x1d6c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:49:53.0500 0x1d6c  netprofm - ok
22:49:53.0510 0x1d6c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:53.0519 0x1d6c  NetTcpActivator - ok
22:49:53.0524 0x1d6c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:49:53.0533 0x1d6c  NetTcpPortSharing - ok
22:49:53.0546 0x1d6c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:49:53.0556 0x1d6c  nfrd960 - ok
22:49:53.0599 0x1d6c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:49:53.0620 0x1d6c  NlaSvc - ok
22:49:53.0630 0x1d6c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:49:53.0680 0x1d6c  Npfs - ok
22:49:53.0700 0x1d6c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:49:53.0729 0x1d6c  nsi - ok
22:49:53.0735 0x1d6c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:49:53.0757 0x1d6c  nsiproxy - ok
22:49:53.0836 0x1d6c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:49:53.0896 0x1d6c  Ntfs - ok
22:49:53.0896 0x1d6c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:49:53.0920 0x1d6c  Null - ok
22:49:53.0940 0x1d6c  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:49:53.0950 0x1d6c  NVHDA - ok
22:49:54.0218 0x1d6c  [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:49:54.0536 0x1d6c  nvlddmkm - ok
22:49:54.0564 0x1d6c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:49:54.0574 0x1d6c  nvraid - ok
22:49:54.0584 0x1d6c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:49:54.0594 0x1d6c  nvstor - ok
22:49:54.0620 0x1d6c  [ 8AC306A237D714C4D0451E422D91B4AF, 9EA3C061A884A427D40955123EF7C4AED28BF7DCC8249CC63BD1DC55B5ABF93F ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
22:49:54.0630 0x1d6c  NvStUSB - ok
22:49:54.0690 0x1d6c  [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:49:54.0726 0x1d6c  nvsvc - ok
22:49:54.0746 0x1d6c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:49:54.0756 0x1d6c  nv_agp - ok
22:49:54.0776 0x1d6c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:49:54.0796 0x1d6c  ohci1394 - ok
22:49:54.0934 0x1d6c  [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service D:\Origin\OriginClientService.exe
22:49:55.0033 0x1d6c  Origin Client Service - ok
22:49:55.0063 0x1d6c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:49:55.0119 0x1d6c  p2pimsvc - ok
22:49:55.0150 0x1d6c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:49:55.0180 0x1d6c  p2psvc - ok
22:49:55.0190 0x1d6c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:49:55.0200 0x1d6c  Parport - ok
22:49:55.0220 0x1d6c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:49:55.0230 0x1d6c  partmgr - ok
22:49:55.0274 0x1d6c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:49:55.0294 0x1d6c  PcaSvc - ok
22:49:55.0315 0x1d6c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:49:55.0325 0x1d6c  pci - ok
22:49:55.0336 0x1d6c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:49:55.0346 0x1d6c  pciide - ok
22:49:55.0371 0x1d6c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:49:55.0381 0x1d6c  pcmcia - ok
22:49:55.0401 0x1d6c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:49:55.0411 0x1d6c  pcw - ok
22:49:55.0461 0x1d6c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:49:55.0483 0x1d6c  PEAUTH - ok
22:49:55.0533 0x1d6c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:49:55.0553 0x1d6c  PerfHost - ok
22:49:55.0623 0x1d6c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:49:55.0693 0x1d6c  pla - ok
22:49:55.0723 0x1d6c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:49:55.0743 0x1d6c  PlugPlay - ok
22:49:55.0763 0x1d6c  PnkBstrA - ok
22:49:55.0773 0x1d6c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:49:55.0783 0x1d6c  PNRPAutoReg - ok
22:49:55.0803 0x1d6c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:49:55.0813 0x1d6c  PNRPsvc - ok
22:49:55.0843 0x1d6c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:49:55.0873 0x1d6c  PolicyAgent - ok
22:49:55.0893 0x1d6c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:49:55.0923 0x1d6c  Power - ok
22:49:55.0958 0x1d6c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:49:56.0001 0x1d6c  PptpMiniport - ok
22:49:56.0017 0x1d6c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:49:56.0025 0x1d6c  Processor - ok
22:49:56.0071 0x1d6c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:49:56.0091 0x1d6c  ProfSvc - ok
22:49:56.0101 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] ProtectedStorage C:\Windows\system32\lsass.exe
22:49:56.0111 0x1d6c  ProtectedStorage - ok
22:49:56.0121 0x1d6c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:49:56.0141 0x1d6c  Psched - ok
22:49:56.0161 0x1d6c  [ 5D6C8E778F0218FCD2CCA0EFBC9766CA, 55B9BD7D168790883E748D9C09DA64E4FEEAC36EC172371DCD108F7F148887B3 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
22:49:56.0171 0x1d6c  PxHlpa64 - ok
22:49:56.0211 0x1d6c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:49:56.0261 0x1d6c  ql2300 - ok
22:49:56.0281 0x1d6c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:49:56.0291 0x1d6c  ql40xx - ok
22:49:56.0311 0x1d6c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:49:56.0321 0x1d6c  QWAVE - ok
22:49:56.0341 0x1d6c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:49:56.0351 0x1d6c  QWAVEdrv - ok
22:49:56.0361 0x1d6c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:49:56.0391 0x1d6c  RasAcd - ok
22:49:56.0401 0x1d6c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:49:56.0421 0x1d6c  RasAgileVpn - ok
22:49:56.0431 0x1d6c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:49:56.0451 0x1d6c  RasAuto - ok
22:49:56.0461 0x1d6c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:49:56.0491 0x1d6c  Rasl2tp - ok
22:49:56.0511 0x1d6c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:49:56.0541 0x1d6c  RasMan - ok
22:49:56.0551 0x1d6c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:49:56.0571 0x1d6c  RasPppoe - ok
22:49:56.0581 0x1d6c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:49:56.0611 0x1d6c  RasSstp - ok
22:49:56.0621 0x1d6c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:49:56.0651 0x1d6c  rdbss - ok
22:49:56.0671 0x1d6c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:49:56.0691 0x1d6c  rdpbus - ok
22:49:56.0711 0x1d6c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:49:56.0731 0x1d6c  RDPCDD - ok
22:49:56.0751 0x1d6c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:49:56.0771 0x1d6c  RDPENCDD - ok
22:49:56.0781 0x1d6c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:49:56.0813 0x1d6c  RDPREFMP - ok
22:49:56.0840 0x1d6c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:49:56.0870 0x1d6c  RDPWD - ok
22:49:56.0890 0x1d6c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:49:56.0910 0x1d6c  rdyboost - ok
22:49:56.0919 0x1d6c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:49:56.0940 0x1d6c  RemoteRegistry - ok
22:49:56.0960 0x1d6c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:49:56.0980 0x1d6c  RpcEptMapper - ok
22:49:57.0017 0x1d6c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:49:57.0037 0x1d6c  RpcLocator - ok
22:49:57.0063 0x1d6c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:49:57.0090 0x1d6c  RpcSs - ok
22:49:57.0120 0x1d6c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:49:57.0140 0x1d6c  rspndr - ok
22:49:57.0150 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] SamSs           C:\Windows\system32\lsass.exe
22:49:57.0160 0x1d6c  SamSs - ok
22:49:57.0170 0x1d6c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:49:57.0180 0x1d6c  sbp2port - ok
22:49:57.0200 0x1d6c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:49:57.0230 0x1d6c  SCardSvr - ok
22:49:57.0240 0x1d6c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:49:57.0260 0x1d6c  scfilter - ok
22:49:57.0332 0x1d6c  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
22:49:57.0382 0x1d6c  Schedule - ok
22:49:57.0392 0x1d6c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:49:57.0422 0x1d6c  SCPolicySvc - ok
22:49:57.0462 0x1d6c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:49:57.0492 0x1d6c  SDRSVC - ok
22:49:57.0502 0x1d6c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:49:57.0532 0x1d6c  secdrv - ok
22:49:57.0572 0x1d6c  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
22:49:57.0612 0x1d6c  seclogon - ok
22:49:57.0622 0x1d6c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
22:49:57.0662 0x1d6c  SENS - ok
22:49:57.0672 0x1d6c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:49:57.0702 0x1d6c  SensrSvc - ok
22:49:57.0722 0x1d6c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:49:57.0732 0x1d6c  Serenum - ok
22:49:57.0752 0x1d6c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:49:57.0762 0x1d6c  Serial - ok
22:49:57.0782 0x1d6c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:49:57.0792 0x1d6c  sermouse - ok
22:49:57.0812 0x1d6c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:49:57.0832 0x1d6c  SessionEnv - ok
22:49:57.0842 0x1d6c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:49:57.0852 0x1d6c  sffdisk - ok
22:49:57.0862 0x1d6c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:49:57.0872 0x1d6c  sffp_mmc - ok
22:49:57.0892 0x1d6c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:49:57.0902 0x1d6c  sffp_sd - ok
22:49:57.0922 0x1d6c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:49:57.0932 0x1d6c  sfloppy - ok
22:49:57.0952 0x1d6c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:49:57.0992 0x1d6c  SharedAccess - ok
22:49:58.0002 0x1d6c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:49:58.0057 0x1d6c  ShellHWDetection - ok
22:49:58.0073 0x1d6c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:49:58.0083 0x1d6c  SiSRaid2 - ok
22:49:58.0093 0x1d6c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:49:58.0103 0x1d6c  SiSRaid4 - ok
22:49:58.0173 0x1d6c  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:49:58.0203 0x1d6c  SkypeUpdate - ok
22:49:58.0213 0x1d6c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:49:58.0243 0x1d6c  Smb - ok
22:49:58.0243 0x1d6c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:49:58.0253 0x1d6c  SNMPTRAP - ok
22:49:58.0283 0x1d6c  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
22:49:58.0283 0x1d6c  speedfan - ok
22:49:58.0303 0x1d6c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:49:58.0303 0x1d6c  spldr - ok
22:49:58.0333 0x1d6c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:49:58.0363 0x1d6c  Spooler - ok
22:49:58.0450 0x1d6c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:49:58.0576 0x1d6c  sppsvc - ok
22:49:58.0586 0x1d6c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:49:58.0618 0x1d6c  sppuinotify - ok
22:49:58.0646 0x1d6c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:49:58.0666 0x1d6c  srv - ok
22:49:58.0686 0x1d6c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:49:58.0709 0x1d6c  srv2 - ok
22:49:58.0720 0x1d6c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:49:58.0730 0x1d6c  srvnet - ok
22:49:58.0740 0x1d6c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:49:58.0770 0x1d6c  SSDPSRV - ok
22:49:58.0780 0x1d6c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:49:58.0810 0x1d6c  SstpSvc - ok
22:49:58.0846 0x1d6c  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:49:58.0876 0x1d6c  Steam Client Service - ok
22:49:59.0229 0x1d6c  [ F82B2FC221CA0E408874884787491667, A9C7FB9C4719484BDA4FB69A8F948DC556CFEA19DFE89D2E63536F2C42725E66 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:49:59.0269 0x1d6c  Stereo Service - ok
22:49:59.0318 0x1d6c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:49:59.0329 0x1d6c  stexstor - ok
22:49:59.0430 0x1d6c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:49:59.0454 0x1d6c  stisvc - ok
22:49:59.0474 0x1d6c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:49:59.0484 0x1d6c  swenum - ok
22:49:59.0568 0x1d6c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:49:59.0598 0x1d6c  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
22:50:01.0972 0x1d6c  Detect skipped due to KSN trusted
22:50:01.0972 0x1d6c  SwitchBoard - ok
22:50:02.0033 0x1d6c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:50:02.0082 0x1d6c  swprv - ok
22:50:02.0176 0x1d6c  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:50:02.0256 0x1d6c  SysMain - ok
22:50:02.0276 0x1d6c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:50:02.0296 0x1d6c  TabletInputService - ok
22:50:02.0319 0x1d6c  [ B08740047145B9BCE15BF75CA0F9718A, 3E2A8A5A2A4DC4D0F05E22EA2C0EBD85AA5C7C6854E873D53538D1F54B8F7C63 ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
22:50:02.0339 0x1d6c  tap0901t - detected UnsignedFile.Multi.Generic ( 1 )
22:50:04.0729 0x1d6c  Detect skipped due to KSN trusted
22:50:04.0729 0x1d6c  tap0901t - ok
22:50:04.0749 0x1d6c  [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
22:50:04.0769 0x1d6c  taphss - ok
22:50:04.0789 0x1d6c  [ 83C57F165F0216E5CE40D7E4E00DC76D, F3740283A5DB8EF69A6A2AC52D6506FBA5423C6548AAF3A272A13F9F582A2792 ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys
22:50:04.0799 0x1d6c  taphss6 - ok
22:50:04.0822 0x1d6c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:50:04.0856 0x1d6c  TapiSrv - ok
22:50:04.0866 0x1d6c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:50:04.0896 0x1d6c  TBS - ok
22:50:04.0966 0x1d6c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:50:05.0042 0x1d6c  Tcpip - ok
22:50:05.0094 0x1d6c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:50:05.0149 0x1d6c  TCPIP6 - ok
22:50:05.0189 0x1d6c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:50:05.0199 0x1d6c  tcpipreg - ok
22:50:05.0219 0x1d6c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:50:05.0235 0x1d6c  TDPIPE - ok
22:50:05.0245 0x1d6c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:50:05.0255 0x1d6c  TDTCP - ok
22:50:05.0295 0x1d6c  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:50:05.0312 0x1d6c  tdx - ok
22:50:05.0546 0x1d6c  [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
22:50:05.0759 0x1d6c  TeamViewer - ok
22:50:05.0789 0x1d6c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:50:05.0789 0x1d6c  TermDD - ok
22:50:05.0846 0x1d6c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:50:05.0876 0x1d6c  TermService - ok
22:50:05.0896 0x1d6c  [ 9201BE2BAB8A9FF8E20D8439AE3BB04D, D973C4FE5B8D02B15476D72B49105840A04DBFF8BCB77117C0354D046E6C02FB ] Themes          C:\Windows\system32\themeservice.dll
22:50:05.0896 0x1d6c  Themes - detected UnsignedFile.Multi.Generic ( 1 )
22:50:08.0282 0x1d6c  Detect skipped due to KSN trusted
22:50:08.0282 0x1d6c  Themes - ok
22:50:08.0915 0x1d6c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:50:08.0965 0x1d6c  THREADORDER - ok
22:50:10.0679 0x1d6c  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
22:50:10.0689 0x1d6c  TPM - ok
22:50:11.0445 0x2dd8  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
22:50:11.0735 0x1d6c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:50:11.0775 0x1d6c  TrkWks - ok
22:50:14.0005 0x2dd8  Object send P2P result: true
22:50:14.0640 0x1d6c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:50:14.0720 0x1d6c  TrustedInstaller - ok
22:50:14.0831 0x1d6c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:50:14.0841 0x1d6c  tssecsrv - ok
22:50:14.0906 0x1d6c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:50:14.0918 0x1d6c  TsUsbFlt - ok
22:50:14.0938 0x1d6c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:50:14.0948 0x1d6c  TsUsbGD - ok
22:50:14.0968 0x1d6c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:50:15.0002 0x1d6c  tunnel - ok
22:50:15.0083 0x1d6c  [ 0F744A57BFA0B92AA5A626CF7DD2A667, 539471E1AE10E6B8845CFD1B4A6F68039B6E6A2C042A2BBA07CD34ED701C6F7A ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
22:50:15.0185 0x1d6c  TunngleService - detected UnsignedFile.Multi.Generic ( 1 )
22:50:17.0588 0x1d6c  Detect skipped due to KSN trusted
22:50:17.0588 0x1d6c  TunngleService - ok
22:50:17.0608 0x1d6c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:50:17.0618 0x1d6c  uagp35 - ok
22:50:17.0648 0x1d6c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:50:17.0678 0x1d6c  udfs - ok
22:50:17.0708 0x1d6c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:50:17.0718 0x1d6c  UI0Detect - ok
22:50:17.0738 0x1d6c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:50:17.0748 0x1d6c  uliagpkx - ok
22:50:17.0768 0x1d6c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:50:17.0778 0x1d6c  umbus - ok
22:50:17.0788 0x1d6c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:50:17.0798 0x1d6c  UmPass - ok
22:50:17.0828 0x1d6c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:50:17.0858 0x1d6c  upnphost - ok
22:50:17.0908 0x1d6c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:50:17.0948 0x1d6c  usbaudio - ok
22:50:17.0978 0x1d6c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:50:17.0998 0x1d6c  usbccgp - ok
22:50:18.0033 0x1d6c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:50:18.0054 0x1d6c  usbcir - ok
22:50:18.0064 0x1d6c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
22:50:18.0074 0x1d6c  usbehci - ok
22:50:18.0114 0x1d6c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:50:18.0124 0x1d6c  usbhub - ok
22:50:18.0144 0x1d6c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:50:18.0154 0x1d6c  usbohci - ok
22:50:18.0174 0x1d6c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:50:18.0184 0x1d6c  usbprint - ok
22:50:18.0204 0x1d6c  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
22:50:18.0224 0x1d6c  USBSTOR - ok
22:50:18.0244 0x1d6c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:50:18.0254 0x1d6c  usbuhci - ok
22:50:18.0264 0x1d6c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:50:18.0294 0x1d6c  UxSms - ok
22:50:18.0324 0x1d6c  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] VaultSvc        C:\Windows\system32\lsass.exe
22:50:18.0334 0x1d6c  VaultSvc - ok
22:50:18.0425 0x1d6c  [ BC72F198968C1D483435F29ACFAFEA78, C1514E9D309A461D9D10D0C2637757F7796946B93A276200F7BE78CA428BFB0A ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
22:50:18.0459 0x1d6c  VBoxDrv - ok
22:50:18.0509 0x1d6c  [ 8FD4BE594B4247E534E5D7CADA47FF20, A1D4DF89FAE48B2A6E3443C49533000A3E13A3CE1C18D8DB5DAEE4DDD9C51E88 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:50:18.0529 0x1d6c  VBoxNetAdp - ok
22:50:18.0574 0x1d6c  [ 7C7B16651E383C828A8FAB2B4E7D144E, 4EC92D9E83A2768F9B368FD88DE99F426E2B6FDCDEB346ED1B75DBA2E6E53F43 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
22:50:18.0594 0x1d6c  VBoxNetFlt - ok
22:50:18.0645 0x1d6c  [ 97F31032ECA2AA9CD6F456ADEA27EDA4, 7057ADFC8B73F860A690064565F259D5145B07C90DA811F6351CF2283BD61161 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
22:50:18.0656 0x1d6c  VBoxUSBMon - ok
22:50:18.0686 0x1d6c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:50:18.0696 0x1d6c  vdrvroot - ok
22:50:18.0716 0x1d6c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:50:18.0766 0x1d6c  vds - ok
22:50:18.0827 0x1d6c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:50:18.0845 0x1d6c  vga - ok
22:50:18.0885 0x1d6c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:50:18.0919 0x1d6c  VgaSave - ok
22:50:18.0935 0x1d6c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:50:18.0945 0x1d6c  vhdmp - ok
22:50:19.0015 0x1d6c  [ 9DA8850BB123912C79D87564536B52A0, 9DFC762243BEC6F6EE095095B6828A6AB90BA9E2B67E8DA57FF494AD0F291E65 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:50:19.0083 0x1d6c  VIAHdAudAddService - ok
22:50:19.0103 0x1d6c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:50:19.0113 0x1d6c  viaide - ok
22:50:19.0123 0x1d6c  [ 9C43B87FED8CF5A9BA2BF209429DF853, 691C6646E657D6B1F27CFAD4C3380EA2E63A0E7D4C94BA17913EF355BEE4181B ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
22:50:19.0133 0x1d6c  VIAKaraokeService - ok
22:50:19.0173 0x1d6c  [ 549CD7035F5CF5CEE4DE11539C9715F4, 6FED4D5161420890A92C3B811B4CBD18A1A106D5F5E674166E538E65A1C68E04 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
22:50:19.0173 0x1d6c  VMAuthdService - ok
22:50:19.0183 0x1d6c  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
22:50:19.0193 0x1d6c  vmci - ok
22:50:19.0203 0x1d6c  [ CCB2A61113D093B9B5CCCF1D60D65E7A, 4459DD26ACF1B7675016B16BA02814E2A35FE862DEDA31AC7110CE2C2E3947AA ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
22:50:19.0213 0x1d6c  vmkbd - ok
22:50:19.0213 0x1d6c  [ 18AA5F4A3B1204AD00045EE5AD39BCDB, 0211A8E94F169A2A52CD39CD580293907EBE104E52038DC36B988DE1CA7F2392 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
22:50:19.0223 0x1d6c  VMnetAdapter - ok
22:50:19.0240 0x1d6c  [ 04CD4347CD9E8C40F78AD51F7FF426D0, BCA3E593E118BCA30142B23CD1CBE6905442D31C3DEB4C71B06D721E601F7BD8 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
22:50:19.0240 0x1d6c  VMnetBridge - ok
22:50:19.0260 0x1d6c  [ 9C9D86BEDE5D4A357FD7924F2CB02791, 7430F60308B7F82F2F16F76AE06485B88A9210883CF8FD91C43C41CCF38D2644 ] VMnetDHCP       C:\WINDOWS\SYSWOW64\VMNETDHCP.EXE
22:50:19.0280 0x1d6c  VMnetDHCP - ok
22:50:19.0290 0x1d6c  [ 668C12E04D5AB4981864B12494AF907F, 20D94E5E060EB04558B39B33A81C989D7F9DB52C7378FECF9D430F1DC385E4E0 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
22:50:19.0300 0x1d6c  VMnetuserif - ok
22:50:19.0330 0x1d6c  [ 093B967896BA9EF2ADFCD75E185B9DA9, 3D6F5FF56311D4B506D02F77620B80EDB54E6E560BDF53AC9F3CDBB037D0ACA0 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
22:50:19.0350 0x1d6c  VMUSBArbService - ok
22:50:19.0380 0x1d6c  [ 363B76E94C65E235C2D6F676B49829E5, 7B0ED16F486E15D784C9D1827E7608840C59E287247C67550E667068CA8B7AE1 ] VMware NAT Service C:\WINDOWS\SYSWOW64\VMNAT.EXE
22:50:19.0390 0x1d6c  VMware NAT Service - ok
22:50:19.0420 0x1d6c  [ EBAC38A198308359FD89C10704265E5E, 7C234FE34D6A65D754F8B2EA0458365997CF97B88779B01551E5227910943224 ] vmx86           C:\Windows\system32\drivers\vmx86.sys
22:50:19.0430 0x1d6c  vmx86 - ok
22:50:19.0450 0x1d6c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:50:19.0460 0x1d6c  volmgr - ok
22:50:19.0470 0x1d6c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:50:19.0480 0x1d6c  volmgrx - ok
22:50:19.0500 0x1d6c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:50:19.0510 0x1d6c  volsnap - ok
22:50:19.0540 0x1d6c  [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
22:50:19.0580 0x1d6c  vpcbus - ok
22:50:19.0600 0x1d6c  [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
22:50:19.0620 0x1d6c  vpcusb - ok
22:50:19.0650 0x1d6c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:50:19.0660 0x1d6c  vsmraid - ok
22:50:19.0680 0x1d6c  [ CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D, 32A891045AF36FEAC62373894B98ABDCEA437978BDE027169C22EBC2C72D586E ] vsock           C:\Windows\system32\drivers\vsock.sys
22:50:19.0690 0x1d6c  vsock - ok
22:50:19.0785 0x1d6c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:50:19.0865 0x1d6c  VSS - ok
22:50:19.0885 0x1d6c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:50:19.0895 0x1d6c  vwifibus - ok
22:50:19.0945 0x1d6c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:50:19.0975 0x1d6c  W32Time - ok
22:50:20.0009 0x1d6c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:50:20.0034 0x1d6c  WacomPen - ok
22:50:20.0049 0x1d6c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:50:20.0079 0x1d6c  WANARP - ok
22:50:20.0079 0x1d6c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:50:20.0109 0x1d6c  Wanarpv6 - ok
22:50:20.0379 0x1d6c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:50:20.0445 0x1d6c  wbengine - ok
22:50:20.0455 0x1d6c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:50:20.0475 0x1d6c  WbioSrvc - ok
22:50:20.0485 0x1d6c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:50:20.0516 0x1d6c  wcncsvc - ok
22:50:20.0534 0x1d6c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:50:20.0545 0x1d6c  WcsPlugInService - ok
22:50:20.0565 0x1d6c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:50:20.0575 0x1d6c  Wd - ok
22:50:20.0675 0x1d6c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:50:20.0728 0x1d6c  Wdf01000 - ok
22:50:20.0758 0x1d6c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:50:20.0768 0x1d6c  WdiServiceHost - ok
22:50:20.0778 0x1d6c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:50:20.0788 0x1d6c  WdiSystemHost - ok
22:50:20.0845 0x1d6c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:50:20.0875 0x1d6c  WebClient - ok
22:50:20.0895 0x1d6c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:50:20.0928 0x1d6c  Wecsvc - ok
22:50:20.0938 0x1d6c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:50:20.0968 0x1d6c  wercplsupport - ok
22:50:20.0997 0x1d6c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:50:21.0040 0x1d6c  WerSvc - ok
22:50:21.0042 0x1d6c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:50:21.0063 0x1d6c  WfpLwf - ok
22:50:21.0073 0x1d6c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:50:21.0083 0x1d6c  WIMMount - ok
22:50:21.0093 0x1d6c  WinDefend - ok
22:50:21.0103 0x1d6c  WinHttpAutoProxySvc - ok
22:50:21.0145 0x1d6c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:50:21.0175 0x1d6c  Winmgmt - ok
22:50:21.0409 0x1d6c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:50:21.0478 0x1d6c  WinRM - ok
22:50:21.0520 0x1d6c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:50:21.0535 0x1d6c  WinUsb - ok
22:50:21.0575 0x1d6c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:50:21.0614 0x1d6c  Wlansvc - ok
22:50:21.0638 0x1d6c  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:50:21.0638 0x1d6c  wlcrasvc - ok
22:50:21.0827 0x1d6c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:50:21.0921 0x1d6c  wlidsvc - ok
22:50:21.0965 0x1d6c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:50:21.0975 0x1d6c  WmiAcpi - ok
22:50:22.0012 0x1d6c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:50:22.0032 0x1d6c  wmiApSrv - ok
22:50:22.0035 0x1d6c  WMPNetworkSvc - ok
22:50:22.0053 0x1d6c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:50:22.0073 0x1d6c  WPCSvc - ok
22:50:22.0083 0x1d6c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:50:22.0093 0x1d6c  WPDBusEnum - ok
22:50:22.0118 0x1d6c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:50:22.0138 0x1d6c  ws2ifsl - ok
22:50:22.0158 0x1d6c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
22:50:22.0168 0x1d6c  wscsvc - ok
22:50:22.0168 0x1d6c  WSearch - ok
22:50:22.0305 0x1d6c  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:50:22.0406 0x1d6c  wuauserv - ok
22:50:22.0428 0x1d6c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:50:22.0458 0x1d6c  WudfPf - ok
22:50:22.0488 0x1d6c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:50:22.0510 0x1d6c  WUDFRd - ok
22:50:22.0534 0x1d6c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:50:22.0554 0x1d6c  wudfsvc - ok
22:50:22.0608 0x1d6c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:50:22.0638 0x1d6c  WwanSvc - ok
22:50:22.0708 0x1d6c  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
22:50:22.0732 0x1d6c  xnacc - ok
22:50:22.0776 0x1d6c  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
22:50:22.0807 0x1d6c  xusb21 - ok
22:50:22.0828 0x1d6c  ================ Scan global ===============================
22:50:22.0870 0x1d6c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:50:22.0923 0x1d6c  [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
22:50:22.0943 0x1d6c  [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
22:50:22.0963 0x1d6c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:50:23.0013 0x1d6c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:50:23.0013 0x1d6c  [ Global ] - ok
22:50:23.0013 0x1d6c  ================ Scan MBR ==================================
22:50:23.0024 0x1d6c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:50:26.0626 0x1d6c  \Device\Harddisk0\DR0 - ok
22:50:26.0630 0x1d6c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:50:26.0738 0x1d6c  \Device\Harddisk1\DR1 - ok
22:50:26.0738 0x1d6c  ================ Scan VBR ==================================
22:50:26.0738 0x1d6c  [ E5CD593D795ECA0EA47B4C30697689CE ] \Device\Harddisk0\DR0\Partition1
22:50:26.0828 0x1d6c  \Device\Harddisk0\DR0\Partition1 - ok
22:50:26.0868 0x1d6c  [ 6195E4B8BA8441BFF91D988C13814283 ] \Device\Harddisk0\DR0\Partition2
22:50:26.0921 0x1d6c  \Device\Harddisk0\DR0\Partition2 - ok
22:50:26.0924 0x1d6c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
22:50:26.0925 0x1d6c  \Device\Harddisk1\DR1\Partition1 - ok
22:50:26.0928 0x1d6c  [ 2BA2CAD7BA7720CAA86B78B6F81D0FFC ] \Device\Harddisk1\DR1\Partition2
22:50:26.0974 0x1d6c  \Device\Harddisk1\DR1\Partition2 - ok
22:50:26.0974 0x1d6c  ================ Scan generic autorun ======================
22:50:27.0138 0x1d6c  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:50:27.0168 0x1d6c  AdobeAAMUpdater-1.0 - ok
22:50:27.0198 0x1d6c  [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
22:50:27.0216 0x1d6c  IAStorIcon - ok
22:50:27.0248 0x1d6c  [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe
22:50:27.0268 0x1d6c  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
22:50:29.0632 0x1d6c  Detect skipped due to KSN trusted
22:50:29.0642 0x1d6c  QuickTime Task - ok
22:50:29.0762 0x1d6c  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
22:50:29.0772 0x1d6c  Adobe Reader Speed Launcher - ok
22:50:29.0853 0x1d6c  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:50:29.0880 0x1d6c  Adobe ARM - ok
22:50:29.0938 0x1d6c  [ 39D5333A11EC3CB56F80D42312F2EE7C, B6CBF4BCCE9A506E1F669312DC3A92498B919E755B11783C434D72B8A886252F ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
22:50:29.0968 0x1d6c  DivXMediaServer - detected UnsignedFile.Multi.Generic ( 1 )
22:50:32.0347 0x1d6c  Detect skipped due to KSN trusted
22:50:32.0347 0x1d6c  DivXMediaServer - ok
22:50:32.0424 0x1d6c  [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
22:50:32.0484 0x1d6c  DivXUpdate - ok
22:50:32.0534 0x1d6c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:50:32.0564 0x1d6c  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
22:50:32.0564 0x1d6c  Detect skipped due to KSN trusted
22:50:32.0564 0x1d6c  SwitchBoard - ok
22:50:32.0617 0x1d6c  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
22:50:32.0657 0x1d6c  AdobeCS6ServiceManager - ok
22:50:32.0874 0x1d6c  [ 6E62D050FB78F1A46C388A526F8C6B58, E1A29FB35C7E2F52FC78AEB41E90207B24BAFFE763FC6B1D35DF027DE29AD6FF ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
22:50:33.0063 0x1d6c  LogMeIn Hamachi Ui - ok
22:50:33.0197 0x1d6c  [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] D:\DAEMON Tools Lite\DTLite.exe
22:50:33.0306 0x1d6c  DAEMON Tools Lite - ok
22:50:33.0394 0x1d6c  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
22:50:33.0415 0x1d6c  Dropbox Update - ok
22:50:33.0877 0x1d6c  [ 7AC549AE61BBCE79E108D68B51EF85A0, 1B4036A58660AE9EDEB89BC69562A9E1B51FC869B615B40549EC68F5C5097CC1 ] C:\Program Files (x86)\LINE\line.exe
22:50:34.0365 0x1d6c  LINE - ok
22:50:34.0415 0x1d6c  GoogleDriveSync - ok
22:50:34.0455 0x1d6c  Skype - ok
22:50:34.0597 0x1d6c  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] D:\Steam\steam.exe
22:50:34.0697 0x1d6c  Steam - ok
22:50:34.0697 0x1d6c  Waiting for KSN requests completion. In queue: 11
22:50:35.0698 0x1d6c  Waiting for KSN requests completion. In queue: 11
22:50:36.0698 0x1d6c  Waiting for KSN requests completion. In queue: 11
22:50:37.0877 0x1d6c  Win FW state via NFP2: disabled ( trusted )
22:50:51.0362 0x1d6c  ============================================================
22:50:51.0362 0x1d6c  Scan finished
22:50:51.0362 0x1d6c  ============================================================
22:50:51.0362 0x2bd4  Detected object count: 0
22:50:51.0362 0x2bd4  Actual detected object count: 0

burningice · 15.04.2016, 00:46

Schritt: 1
CKScanner
Bitte lade dir CKScanner von diesem Link: CKScanner

Speichere es auf deinem Desktop
Mache einen Rechtsklick auf CKScanner.exe und wähle "Als Administrator ausführen"
Wähle "Search For Files"
Wenn der Scan fertig ist, klicke auf "Save List To File"
Öffne die "CKFiles.txt" auf deinem Desktop und poste mir deren Inhalt in der nächsten Antwort.

Führe das Tool nur ein Mal aus!

Heradi · 15.04.2016, 11:49

Code:

ATTFilter

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
c:\users\ozoma\desktop\ordner\blender-2.75a-windows64\blender-2.75a-windows64\2.75\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie.rar
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\cube.exe
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\cubelauncher.exe
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\cursor.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\data1.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\data2.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\data3.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\data4.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\freeimage.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\gui.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\help.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\interface.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\msvcp110.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\msvcr110.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\options.cfg
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\quest-tag.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\resource1.dat
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\resource2.dat
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\server.cfg
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\start.plx
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\unins000.dat
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\unins000.exe
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\vccorlib110.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\xaudio2_8.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\zlib1.dll
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\characters.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\map_erste welt.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\map_online_26879.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\worlds.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\world_erste welt.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\world_server_26879.db
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays - kopie\save\world_server_26879.db-journal
c:\users\ozoma\desktop\ordner\race\crack\makahost.dll
c:\users\ozoma\desktop\ordner\race\crack\xsplit.core.exe
scanner sequence 3.ZZ.11.SNAPKZ
 ----- EOF -----

burningice · 15.04.2016, 12:36

Lesestoff:
Illegale Software: Cracks, Keygens und Co

Code:

ATTFilter

127.0.0.1 activation.cloud.techsmith.com
c:\users\ozoma\desktop\ordner\mal wieder aufräumen\cube world crack by creyplays

Die unter anderem von mir kopierten Zeilen deuten darauf hin, dass du unrechtmäßig erworbene Software verwendest.
Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Du musst wissen, das Cracks häufig ein einfacher Weg sind, um sich zu infizieren. Ja, Spiele und andere Softwareprodukte sind oft teuer, aber trotzdem sollte man sich fragen, ob das immer notwendig ist, denn so umfangreiche Produkte zu entwickeln kostet die Entwickler auch sehr viel Geld.

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

Heradi · 15.04.2016, 15:49

Ich möchte mich dafür entschuldigen das ich dieses Zipfile auf dem PC habe. Ich kann euch aber versichern das ich es niemals geöffnet habe und somit auch keinem Entwickler Geld unterschlagen habe. Ich habe sowieso kein Interesse an dem Spiel....warum ich es trotzdem auf dem PC habe ist weil mir jemand meinte ich soll es mir doch mal anzocken..hab ich nie gemacht. So hier erstmal ADWCleaner:

Code:

ATTFilter

# AdwCleaner v5.111 - Bericht erstellt am 15/04/2016 um 16:31:36
# Aktualisiert am 14/04/2016 von Xplode
# Datenbank : 2016-04-11.4 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Ozoma - OZOMA-PC
# Gestartet von : C:\Users\Ozoma\Desktop\AdwCleaner_5.111.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Users\Ozoma\AppData\Roaming\OpenCandy

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei gelöscht : C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\Classes\CLSID\{DB40EAF2-2025-4F74-B9EF-7C0782F26C84}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Interface\{94952EC4-DB66-3F32-BE4C-F0BB875EA98E}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\Web Assistant
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3038A20B9089EC34D8F74220191FAB30
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3635 Bytes] - [15/04/2016 16:31:36]
C:\AdwCleaner\AdwCleaner[R0].txt - [84667 Bytes] - [25/11/2013 16:25:03]
C:\AdwCleaner\AdwCleaner[R1].txt - [3877 Bytes] - [06/01/2014 19:36:43]
C:\AdwCleaner\AdwCleaner[R2].txt - [1182 Bytes] - [06/01/2014 20:26:03]
C:\AdwCleaner\AdwCleaner[R3].txt - [5424 Bytes] - [07/01/2014 14:05:55]
C:\AdwCleaner\AdwCleaner[R4].txt - [8754 Bytes] - [21/09/2015 13:03:45]
C:\AdwCleaner\AdwCleaner[S0].txt - [83297 Bytes] - [25/11/2013 16:25:39]
C:\AdwCleaner\AdwCleaner[S1].txt - [7986 Bytes] - [06/01/2014 19:53:12]
C:\AdwCleaner\AdwCleaner[S2].txt - [1244 Bytes] - [06/01/2014 20:26:46]
C:\AdwCleaner\AdwCleaner[S3].txt - [3993 Bytes] - [07/01/2014 14:06:35]
C:\AdwCleaner\AdwCleaner[S4].txt - [7651 Bytes] - [21/09/2015 13:09:12]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4440 Bytes] ##########

Malewarebytes Anti-Maleware 1.x ( danach folgen einige zeichen die ich nicht schreiben und kopieren kann wie °a also der punkt über dem a und so weiter dann irgendwann nochmal Anti-Maleware 1.x, nochmal einige zeichen.) Diese Fehelrmeldung mit dem Titel "Setup" wird mir ausgegeben wenn ich versuche MBAM zu installieren.Ich könnte es als Bild zeigen wenn du mir sagst wie das geht. Daher poste ich erstmal nur noch FRST:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Ozoma (Administrator) auf OZOMA-PC (15-04-2016 16:51:15)
Gestartet von C:\Users\Ozoma\Desktop
Geladene Profile: Ozoma (Verfügbare Profile: Ozoma)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) D:\Steam\Steam.exe
(Dropbox, Inc.) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Dropbox Update] => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-16] (Dropbox, Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [17227240 2016-03-10] (LINE Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Steam] => D:\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Ozoma\Desktop\IMG005~1.SCR
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{027C0094-CB13-4C44-920B-6595D581C01B}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {371DBE33-47B9-4EA9-ADBA-E5886E44D4E9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {96CEEE20-AFBC-439F-8348-317552AEDFF2} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {9A278DCD-E49C-4FA0-8988-6C51AF86CEAA} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {FA5B4673-0177-431A-BF39-E3B5DA5A21AA} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3620531602-815428446-3748077359-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ozoma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: SaveFrom.net - helper - C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\helper-sig@savefrom.net.xpi [2016-02-10]
FF Extension: ExHentai Easy 2 - C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-02-02] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-20] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://websearch.searchdwebs.info/?pid=34&r=2013/06/20&hid=952745596&lg=EN&cc=DE&unqvl=22","hxxp://www.youtube.com/watch?v=b3WNiI7OtT0","hxxp://www.youtube.com/watch?v=MOY1QbcH3a4","hxxp://www.detektiv-conan.ch/index.php?page=jpnepisoden.php&episoden=681697","hxxp://detektivconan-wiki.com/wiki/Liste_der_Anime-Episoden","hxxp://megaman.wikia.com/wiki/List_of_Mega_Man_6_enemies","hxxp://www.youtube.com/watch?v=DeHHPLMMCfs","hxxp://www.youtube.com/watch?v=n8ofa-afC6c&list=WL012A62390FD9B1E6","hxxp://www.youtube.com/watch?v=TLVGmvmNitg&list=SP2B009153AC977F90","hxxp://www.burning-seri.es/serie/Akte-X/1/17-Taeuschungsmanoever","hxxp://www.burning-seri.es/serie/Startrek-Enterprise/1/20-Schiff-der-Geister/PutLocker-1","hxxp://annayseult.blogspot.de/?zx=e8d1c655866936ed","hxxp://www.youtube.com/results?search_query=megaman+folge+3&oq=megaman+folge+3&gs_l=youtube.3..0l3.1499583.1500130.0.1500560.2.2.0.0.0.0.197.262.1j1.2.0...0.0...1ac.1.11.youtube.oNVa4RtNhJ8","hxxps://mail.google.com/mail/u/0/?ui=2&shva=1#inbox","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/06/28&hid=952745596&lg=EN&cc=DE","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/07/17&hid=952745596&lg=EN&cc=DE"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (Google-Suche) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Tampermonkey) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-11]
CHR Extension: (Google Tabellen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ozoma\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-09]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-15] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-02-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-23] ()
S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-12-27] (Microsoft Corporation) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-31] (DT Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 16:39 - 2016-04-15 16:39 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-04-15 16:18 - 2016-04-15 16:18 - 03677760 _____ C:\Users\Ozoma\Desktop\AdwCleaner_5.111.exe
2016-04-15 12:48 - 2016-04-15 12:48 - 00003775 _____ C:\Users\Ozoma\Desktop\ckfiles.txt
2016-04-15 12:37 - 2016-04-15 12:37 - 00468480 _____ () C:\Users\Ozoma\Desktop\CKScanner.exe
2016-04-15 07:55 - 2016-04-15 07:55 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 22:48 - 2016-04-14 22:59 - 00209110 _____ C:\TDSSKiller.3.1.0.9_14.04.2016_22.48.31_log.txt
2016-04-14 22:47 - 2016-04-14 22:47 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Ozoma\Desktop\tdsskiller.exe
2016-04-14 22:45 - 2016-04-14 22:46 - 00076720 _____ C:\Users\Ozoma\Desktop\Addition.txt
2016-04-14 22:38 - 2016-04-15 16:51 - 00027620 _____ C:\Users\Ozoma\Desktop\FRST.txt
2016-04-14 22:37 - 2016-04-14 22:38 - 02375168 _____ (Farbar) C:\Users\Ozoma\Desktop\FRST64.exe
2016-04-14 18:29 - 2016-04-14 18:29 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-13 17:14 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 17:14 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 17:14 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 17:14 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 17:14 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 17:14 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 17:14 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 17:14 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 17:14 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 17:14 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 17:14 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 17:14 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 17:13 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 17:13 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 17:13 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 17:13 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 17:13 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 17:13 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 17:13 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 17:13 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 17:13 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 17:13 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 17:13 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 17:13 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 17:13 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 17:13 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 17:13 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 17:13 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 17:13 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 17:13 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 17:13 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 17:13 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 17:13 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 17:13 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 17:13 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 17:13 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 17:13 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 17:13 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 17:13 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 17:13 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 17:13 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 17:13 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 17:13 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 17:13 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 17:13 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 17:13 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 17:13 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 17:12 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:12 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 17:12 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 17:12 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 17:12 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 17:12 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-08 00:28 - 2016-04-08 00:28 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-05 19:40 - 2016-04-05 19:40 - 00000844 _____ C:\Users\Ozoma\AppData\Local\recently-used.xbel
2016-04-05 19:39 - 2016-04-05 19:39 - 00000000 ____D C:\Users\Ozoma\.fontconfig
2016-04-03 20:40 - 2016-04-03 20:39 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 5.nes
2016-03-31 21:59 - 2016-03-31 21:59 - 00006235 _____ C:\Users\Ozoma\Desktop\^414E80C65348E4630387FDD2AB4066B16597FC635919258E64^pimgpsh_thumbnail_win_distr.jpg
2016-03-31 21:46 - 2016-03-31 21:53 - 00393232 _____ C:\Users\Ozoma\Desktop\Overload 4.nes
2016-03-31 20:39 - 1997-05-19 21:36 - 00393232 ____R C:\Users\Ozoma\Desktop\Mega Man 3 (U) [!].nes
2016-03-30 22:16 - 2016-03-30 22:16 - 00000000 ____D C:\Users\Ozoma\Desktop\Cache
2016-03-28 14:08 - 2016-03-28 14:06 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 4.nes
2016-03-28 13:44 - 2016-03-28 13:44 - 00000022 _____ C:\Users\Ozoma\Desktop\Story.txt
2016-03-26 14:48 - 2016-03-26 14:44 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 3.nes
2016-03-20 02:34 - 2016-03-17 02:49 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 2.nes
2016-03-19 20:17 - 2016-03-19 20:20 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\MMFApplications
2016-03-19 15:47 - 2016-03-19 15:47 - 00000202 _____ C:\Users\Ozoma\Desktop\Deponia The Complete Journey.url
2016-03-17 20:56 - 2016-03-17 20:56 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\MegaMan
2016-03-17 00:02 - 2016-03-17 00:02 - 00000202 _____ C:\Users\Ozoma\Desktop\Mega Man Legacy Collection.url
2016-03-16 00:44 - 2016-03-16 00:44 - 00000516 _____ C:\Users\Public\Desktop\Steam.lnk
2016-03-16 00:44 - 2016-03-16 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-16 00:42 - 2016-03-16 00:43 - 01380712 _____ C:\Users\Ozoma\Desktop\SteamSetup.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-15 16:55 - 2012-04-24 08:18 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Skype
2016-04-15 16:51 - 2013-11-25 15:51 - 00000000 ____D C:\FRST
2016-04-15 16:43 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-15 16:43 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-15 16:35 - 2014-07-13 17:08 - 00000000 ___RD C:\Users\Ozoma\Dropbox
2016-04-15 16:34 - 2013-05-11 14:54 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-15 16:34 - 2013-04-29 20:53 - 00000000 ____D C:\Users\Ozoma\AppData\Local\LogMeIn Hamachi
2016-04-15 16:33 - 2014-01-11 17:38 - 00000000 ____D C:\ProgramData\VMware
2016-04-15 16:33 - 2012-04-18 07:46 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-15 16:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-15 16:31 - 2013-11-25 16:24 - 00000000 ____D C:\AdwCleaner
2016-04-15 16:28 - 2013-01-04 00:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-15 16:20 - 2015-07-16 05:09 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job
2016-04-15 16:20 - 2012-04-20 23:59 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\TS3Client
2016-04-15 16:17 - 2013-05-11 14:54 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-15 16:16 - 2014-03-30 17:29 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Battle.net
2016-04-15 07:56 - 2014-07-13 17:05 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Dropbox
2016-04-15 07:55 - 2015-07-16 05:09 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Dropbox
2016-04-15 02:20 - 2015-07-16 05:09 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job
2016-04-14 21:02 - 2012-08-17 00:56 - 00030720 _____ C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-14 04:08 - 2015-03-11 05:06 - 00000000 ____D C:\Windows\rescache
2016-04-14 03:31 - 2009-07-14 06:45 - 04927232 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 03:11 - 2013-09-06 01:05 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 03:04 - 2012-07-23 17:49 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 20:38 - 2015-03-21 21:19 - 00000000 ____D C:\Users\Ozoma\Desktop\Challenge
2016-04-13 20:33 - 2015-09-01 00:37 - 00005246 _____ C:\Users\Ozoma\Desktop\Mögliche Mangaprojekte.txt
2016-04-12 02:21 - 2016-01-08 19:41 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 00:28 - 2013-12-11 16:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 00:28 - 2013-01-04 00:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 00:28 - 2012-04-21 19:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-06 16:07 - 2015-12-04 04:51 - 00000932 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-05 19:41 - 2012-10-01 17:39 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Paint.NET
2016-04-05 19:41 - 2012-07-08 22:19 - 00000000 ____D C:\Users\Ozoma\.gimp-2.6
2016-04-05 19:39 - 2012-04-20 23:45 - 00000000 ____D C:\Users\Ozoma
2016-04-05 16:18 - 2013-01-20 14:24 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-04-03 20:40 - 2016-03-13 13:39 - 00000000 ____D C:\Users\Ozoma\Desktop\Overload Test
2016-04-02 12:39 - 2016-01-28 23:02 - 00000000 ____D C:\ProgramData\F-Secure
2016-03-20 17:03 - 2015-06-18 19:03 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Daedalic Entertainment GmbH
2016-03-19 20:23 - 2013-06-27 20:58 - 00000000 ____D C:\Users\Ozoma\Desktop\JoyToKey_en

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-29 11:02 - 2016-01-25 19:37 - 0000132 _____ () C:\Users\Ozoma\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-07-10 22:24 - 2012-07-13 19:06 - 0000096 _____ () C:\Users\Ozoma\AppData\Roaming\Camdata.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamLayout.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamShapes.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0004416 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.cfg
2012-07-13 18:19 - 2012-07-13 18:19 - 0000000 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.Data.ini
2012-07-13 18:19 - 2012-07-13 18:19 - 0001206 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.ini
2015-02-27 17:14 - 2015-02-27 17:14 - 0000194 _____ () C:\Users\Ozoma\AppData\Roaming\dmsettings.xml
2004-01-26 17:15 - 2004-01-26 17:15 - 0233472 ____R () C:\Users\Ozoma\AppData\Roaming\MafiaSetup.exe
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\winbras.sys
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\windrvconfig.txt
2012-08-17 00:56 - 2016-04-14 21:02 - 0030720 _____ () C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:40 - 2016-04-05 19:40 - 0000844 _____ () C:\Users\Ozoma\AppData\Local\recently-used.xbel
2012-07-08 23:49 - 2014-08-18 23:22 - 0007602 _____ () C:\Users\Ozoma\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Ozoma\AppData\Local\temp\drm_dialogs.dll
C:\Users\Ozoma\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl70lnf.dll
C:\Users\Ozoma\AppData\Local\temp\ICSharpCode.SharpZipLib.dll
C:\Users\Ozoma\AppData\Local\temp\libeay32.dll
C:\Users\Ozoma\AppData\Local\temp\MBSetup311.exe
C:\Users\Ozoma\AppData\Local\temp\MBSetup360.exe
C:\Users\Ozoma\AppData\Local\temp\MBSetup908.exe
C:\Users\Ozoma\AppData\Local\temp\msvcr120.dll
C:\Users\Ozoma\AppData\Local\temp\Quarantine.exe
C:\Users\Ozoma\AppData\Local\temp\SkypeSetup.exe
C:\Users\Ozoma\AppData\Local\temp\sqlite3.dll
C:\Users\Ozoma\AppData\Local\temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-08 02:57

==================== Ende von FRST.txt ============================

Heradi · 15.04.2016, 16:00

Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Ozoma (2016-04-15 16:56:07)
Gestartet von C:\Users\Ozoma\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-20 21:45:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3620531602-815428446-3748077359-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3620531602-815428446-3748077359-1004 - Limited - Enabled)
Gast (S-1-5-21-3620531602-815428446-3748077359-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3620531602-815428446-3748077359-1003 - Limited - Enabled)
Ozoma (S-1-5-21-3620531602-815428446-3748077359-1001 - Administrator - Enabled) => C:\Users\Ozoma

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Angry Video Game Nerd Adventures (HKLM-x32\...\Steam App 237740) (Version:  - FreakZone Games)
AnkhBotR2 version 1.0.0.16 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.0.16 - Marcin Swierzowski aka AnkhHeart)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Ascend: Hand of Kul (HKLM-x32\...\Steam App 233630) (Version:  - Signal Studios)
Audacity Recovery Utility (HKLM-x32\...\AURC_is1) (Version:  - Markus Meyer)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bardbarian (HKLM-x32\...\Steam App 269490) (Version:  - TreeFortress Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Beyond Divinity (HKLM-x32\...\{4C9BE645-3EF8-335D-9A7C-77F2A8689C5E}_is1) (Version: 1.0.7 - )
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CH2_1Demo (HKLM-x32\...\UDK-15b41068-9227-4540-bf45-79ec3a1d0195) (Version:  - Epic Games, Inc.)
CH2E1.1 (HKLM-x32\...\UDK-c126d00d-307a-404d-94b3-39a023e4f252) (Version:  - Epic Games, Inc.)
CH2Ep1 (HKLM-x32\...\UDK-a9cfc93b-489d-4dcf-bda6-ef42d613f81b) (Version:  - Epic Games, Inc.)
Craften Terminal 4.1.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.2 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
'Das Achte Weltwunder' (HKLM-x32\...\'Das Achte Weltwunder') (Version:  - )
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version:  - Daedalic Entertainment)
DEVIL MAY CRY 4 BENCHMARK (HKLM-x32\...\{B824BEEF-262B-4B48-9984-D0C6B43C40DD}) (Version: 1.00.000 - CAPCOM CO., LTD.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: 0.2.0.7162 - Blizzard Entertainment)
Divine Divinity (HKLM-x32\...\{9278c4eb-1dfd-44ec-a0bb-3696f36a2767}_is1) (Version: 1.0.7 - )
Divine Divinity (HKLM-x32\...\Divine Divinity) (Version:  - )
Divine Divinity (HKLM-x32\...\Divine Divinity_is1) (Version:  - GOG.com)
Divinity II - Developer's Cut (HKLM-x32\...\CDCE6956-DCDC-4F82-ACA0-E4C7BAD6B26A_is1) (Version: 1.4 - Larian)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
ep2v1.0 (HKLM\...\UDK-c429a1cb-a825-4d9b-9244-6524f32619d2) (Version:  - Epic Games, Inc.)
Ep2v1.3.1 (HKLM\...\UDK-2a05942d-2635-4510-9d16-90851ac5f19d) (Version:  - Epic Games, Inc.)
EP2v1.4 (HKLM\...\UDK-4c647596-6948-492d-bfab-d89ca48f0bd3) (Version:  - Epic Games, Inc.)
Ep3v1.21 (HKLM-x32\...\UDK-8cd56b9e-f402-46df-81d4-78eee2dfccef) (Version:  - Epic Games, Inc.)
EP3v1.4 (HKLM-x32\...\UDK-9be77e23-cec9-4fbf-9d6f-45eb0e6107d0) (Version:  - Epic Games, Inc.)
EP4v1.0 (HKLM-x32\...\UDK-a4faf819-0f87-491e-adfd-7130f6f290df) (Version:  - Epic Games, Inc.)
Ep4v1.1ee (HKLM-x32\...\UDK-26c9a51b-9515-4f59-8e88-c1aca495ebfe) (Version:  - Epic Games, Inc.)
Ep5v1.01 (HKLM-x32\...\UDK-e37a630b-5d78-4674-848a-ddf58d95ca9d) (Version:  - Epic Games, Inc.)
Episode 1 1.0b (HKLM-x32\...\Episode 1 1.0b) (Version: 1.0b - Whorecraft 2)
Episode 1 1.1 (HKLM-x32\...\Episode 1 1.1) (Version: 1.1 - Whorecraft 2)
episode 4 1.1ee (HKLM-x32\...\episode 4 1.1ee) (Version: 1.1ee - Whorecraft)
Episode 5 1.01 (HKLM-x32\...\Episode 5 1.01) (Version: 1.01 - Whorecraft)
Episode1 Demo (HKLM-x32\...\Episode1 Demo) (Version: Demo - Whorecraft 2)
Eryi's Action (HKLM-x32\...\Steam App 261700) (Version:  - Xtal Sword)
Evoland (HKLM-x32\...\Steam App 233470) (Version:  - Shiro Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gajim (HKLM-x32\...\Gajim) (Version: 0.16.3 - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
GIMP 2.6.12 (HKLM\...\GIMP-2_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Historion Version 1.0 (HKLM-x32\...\Historion) (Version:  - )
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
ILLUSION BattleRaper2 (HKLM-x32\...\{32470264-B8B8-408E-A404-73A9DF16B8FE}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JumpJet Rex (HKLM-x32\...\Steam App 329460) (Version:  - TreeFortress Games)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Limbo) (Version:  - )
LINE (HKLM-x32\...\LINE) (Version: 4.5.0.873 - LINE Corporation)
LittleDemo (HKLM\...\UDK-839faa2d-bf16-4951-99bc-21a472f6cb93) (Version:  - Epic Games, Inc.)
LittleDemo (HKLM\...\UDK-9c0cafad-4317-466e-9f0a-7c1b37ff88cd) (Version:  - Epic Games, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mega Man Legacy Collection (HKLM\...\Steam App 363440) (Version:  - Capcom)
Megaman - Revenge of the Fallen (HKLM-x32\...\Megaman - Revenge of the Fallen) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.8 1.00 (HKLM-x32\...\Minecraft 1.8 1.00) (Version:  - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{AF348C2E-7596-481B-92E0-B211836AB949}) (Version: 1.2.4 - Thorvald Natvig)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Pokemon Game Editor (HKLM-x32\...\{D5B7B2BB-6B7E-4AD4-9F2F-7CCF2B48AA58}) (Version: 1.0.0.0 - 0xRH)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Randal's Monday (HKLM-x32\...\Steam App 314810) (Version:  - Nexus Game Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version:  - Frozenbyte)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario Bros. X version 1.3 (HKLM-x32\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.1 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TechnoMage (HKLM-x32\...\TechnoMage) (Version:  - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls Arena (HKLM-x32\...\{62E2BBFA-BE97-42CD-AE89-A4EEF7F36992}) (Version: 1.00.0000 - Bethesda Softworks)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Tobias and the Dark Sceptres (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Tobias and the Dark Sceptres) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V3.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.1 - JAM Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-500ce7d3-b1a2-4d48-9fc2-606f9a0881b8) (Version:  - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-f57ea555-07bd-4398-93bb-8dc4222dc97d) (Version:  - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
Warlords Battlecry II (HKLM-x32\...\Warlords Battlecry II) (Version:  - )
WCEp1FreeDemo (HKLM\...\UDK-a087dcb5-0a4e-4ffb-8159-4eb092e7f2b4) (Version:  - Epic Games, Inc.)
WhoreCraft (HKLM-x32\...\WhoreCraft1.6.1r) (Version: 1.6.1r - DaemiaCo)
Whorecraft (HKLM-x32\...\WhorecraftEpisode1) (Version: Episode1 - AY)
Whorecraft 1.4 (HKLM-x32\...\Whorecraft 1.4) (Version: 1.4 - DC)
WhoreCraft Episode 3 (HKLM-x32\...\WhoreCraft Episode 3v1.3.1) (Version: v1.3.1 - DaemiaCo)
Whorecraft Episode 3 1.21 (HKLM-x32\...\Whorecraft Episode 3 1.21) (Version: 1.21 - DaemiaCo)
Whorecraft v.1.0r (HKLM-x32\...\Whorecraft v.1.0r) (Version: v.1.0r - DC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
X-Change (HKLM-x32\...\X-Change) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
XXXmas (HKLM-x32\...\UDK-3e00fd63-559c-41f4-bae2-51cac0817293) (Version:  - Epic Games, Inc.)
XXXmas 1.0 (HKLM-x32\...\XXXmas 1.0) (Version: 1.0 - DC)
YGOPro DevPro (HKLM-x32\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
YGOPro DevPro Version 1.9.2r2 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0259C9A4-42A1-4223-8237-4EB291D5B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {02BEB1D2-34AA-4F6B-9D89-0CF5D036D26B} - System32\Tasks\{50F1FEFD-11AE-42FC-AB55-11893344A904} => pcalua.exe -a C:\Users\Ozoma\AppData\Roaming\awesomehp\UninstallManager.exe
Task: {06871124-6745-4C44-A4CD-B4AF2148288A} - System32\Tasks\{566421A7-5D4C-49FE-8D1C-4FBD28658795} => pcalua.exe -a "C:\Users\Ozoma\Downloads\World of Warcraft Beta Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {06DB7695-FC2F-4574-9CF9-91B0681EF6E5} - System32\Tasks\{F823224C-61C4-43CC-8B2A-8B74EA5C6255} => pcalua.exe -a "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft Episode 3\Episode 4\Episode 4 Extendet\episode 4\Episode 5\Episode 5\Ep 2 Ch 1\Episode 1\Binaries\UnSetup.exe" -d "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft E (Der Dateneintrag hat 97 mehr Zeichen).
Task: {2F998368-F010-48EB-98DB-DDD32F5F9939} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {319133E1-FFE2-431C-A518-CCDF27B73499} - System32\Tasks\{C24B1FFD-A9C8-4B74-ABB5-E41FFD5932B7} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3905ACF4-C1B0-4A76-899E-539BB34B91F1} - System32\Tasks\{D857609A-6630-4AF6-8166-5D4EF50910E9} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3FC8F15C-78E3-49D6-B1BE-F2A110A0842F} - System32\Tasks\{A2CF9638-445D-49EA-AFF8-6129022B3F25} => pcalua.exe -a C:\Users\Ozoma\Downloads\ExtractAppsMuseum.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {40EF25DD-EC52-49FF-9A38-2D7963BA5798} - System32\Tasks\{26053BC0-EC68-406D-8A20-F73FC9C92A51} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {4790F602-0373-4531-AC19-B7A1FE503282} - System32\Tasks\{993C28E3-6A43-46DD-90DC-D8F20C37B1D8} => pcalua.exe -a C:\Users\Ozoma\Downloads\MassEffect_EFIGS_1.02.exe -d C:\Users\Ozoma\Downloads
Task: {681D2A92-2606-4D0E-AE26-5B5F771D5548} - System32\Tasks\{FD6937A7-3144-47D4-8F68-C7C5C1BEA4DF} => C:\Users\Ozoma\Desktop\rockman4editor.exe
Task: {6B79D072-A49E-4EDE-91BF-6B990CE0E65B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {725A48C2-0E75-4B66-BD18-9DA716A63DFB} - System32\Tasks\{270D9DA6-F298-4E08-837F-B41D9B8274EF} => pcalua.exe -a "C:\Users\Ozoma\Desktop\Movie\Battle Raper II\StartSetup.exe" -d "C:\Users\Ozoma\Desktop\Movie\Battle Raper II"
Task: {93D88F33-7CEA-4CE9-8302-0C6158E94E00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {99638B5C-8334-4597-90E4-EEED74C75A3A} - System32\Tasks\{884D5AAD-8A91-41B2-B3CB-0A9582E487B6} => pcalua.exe -a C:\Users\Ozoma\Downloads\Feuergrun_v3.exe -d C:\Users\Ozoma\Downloads
Task: {9EC6B231-CFB6-4BAC-A4DC-CC81B8942798} - System32\Tasks\{2037B8E8-FB71-47DF-AB06-1ED90DB147B5} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {CF04BBD5-2CDD-41B8-A0BF-33D0CF75387F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {E35BAAEB-E172-4440-9197-932DFCFFF826} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {E8044BD9-F79E-40D0-8D1B-7CD0EA111514} - System32\Tasks\{70ED74C1-E954-450F-9297-AD5012BCA5FF} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)
Task: {F05F58A7-4FCC-4AF9-A825-2271831953A5} - System32\Tasks\{E0D3616E-970D-49EC-B866-F3F1934D07E3} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Full Screen).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Full Screen).bat ()
Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Windowed).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Windowed).bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-04-18 07:46 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-23 18:39 - 2014-04-23 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-06-10 00:21 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2016-03-10 09:20 - 2016-03-10 09:20 - 03783656 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2016-03-09 08:44 - 2016-03-09 08:44 - 00123368 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 07816192 _____ () D:\avcodec-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00188416 _____ () D:\avutil-52.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 01425920 _____ () D:\avformat-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00336896 _____ () D:\swscale-2.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00096256 _____ () D:\swresample-0.dll
2013-03-12 17:10 - 2016-03-11 02:56 - 00783360 _____ () D:\Steam\SDL2.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2014-05-24 16:58 - 2016-03-31 22:55 - 02549840 _____ () D:\Steam\video.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2012-06-01 19:07 - 2016-03-31 22:55 - 00829008 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-16 00:24 - 2016-02-18 00:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2015-12-12 13:23 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-15 07:54 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 13:23 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 13:23 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 13:23 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-15 07:54 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-15 07:54 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-15 07:54 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-15 07:54 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-15 07:54 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 13:23 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-15 07:54 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-15 07:54 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-12 13:23 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-04-15 16:34 - 2016-04-15 16:34 - 00098816 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32api.pyd
2016-04-15 16:33 - 2016-04-15 16:33 - 00110080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\pywintypes27.dll
2016-04-15 16:34 - 2016-04-15 16:34 - 00364544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\pythoncom27.dll
2016-04-15 16:34 - 2016-04-15 16:34 - 00320512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32com.shell.shell.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00776704 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_hashlib.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 01176576 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._core_.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00806400 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._gdi_.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00816128 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._windows_.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 01067008 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._controls_.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00733184 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._misc_.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00682496 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\pysqlite2._sqlite.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_ctypes.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00119808 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32file.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00108544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32security.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00007168 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\hashobjs_ext.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00017920 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\thumbnails_ext.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\usb_ext.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00167936 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32gui.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00018432 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32event.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00046080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_socket.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 01208320 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_ssl.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00128512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_elementtree.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00127488 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\pyexpat.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00013824 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\common.time34.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00038912 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32inet.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00036864 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_psutil_windows.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00525208 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\windows._lib_cacheinvalidation.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00011264 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32crypt.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00077312 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._html2.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00027136 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_multiprocessing.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00020480 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\_yappi.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00035840 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32process.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00686080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\unicodedata.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00078848 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._animate.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00123392 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\wx._wizard.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00024064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32pipe.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00010240 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\select.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00025600 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32pdh.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00017408 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32profile.pyd
2016-04-15 16:34 - 2016-04-15 16:34 - 00022528 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32522\win32ts.pyd
2016-04-12 02:21 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 02:21 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-02-11 04:24 - 2016-02-11 04:24 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b4aed9b5bac22d4e9008e99e935fe2de\IsdiInterop.ni.dll
2012-04-18 07:50 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-01 19:07 - 2016-02-09 03:33 - 48400672 _____ () D:\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-02-01 01:43 - 00001092 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{12BCAF86-026F-4D79-B4CB-F54A5C5FD069}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{35D79B31-52F7-4C66-8824-242DAB794F69}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9AC33360-E476-4DF1-B6FF-DC2E1E2A3023}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D6F4CBE9-9CA2-49AE-A601-7594FADF3428}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6FED2B24-5DF8-470C-9B46-1DD6B7CAAFA1}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [UDP Query User{88DC1B54-418C-4BA7-B994-9C1A073509F3}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{91D7BFCD-E0F7-4C9A-A481-9F8D23329274}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{6FDE4EBE-F8E3-4569-93FC-3A65A7002EAD}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{D67F6548-ABF3-42AE-83E8-671F1F18B7A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96273DE4-0AA6-400E-9193-C67E916231A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{46C88F85-4979-46C9-8E89-2A431DA17E50}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{72FF78B8-6FB4-4104-9154-E63DA3255CD1}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{D7D3ECB6-C2DA-4EAD-8149-E9926BA60CE4}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{5A4E662B-B6AF-4F3F-91A3-4C1A56EECD68}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{06B13E5A-09A2-4156-8030-7587F3AFFA31}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E52E9ABE-879E-490E-B473-F8071B2EA36C}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A5945085-1658-436E-BB5C-1642F814F426}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{36849597-7C77-4BCF-ABB9-DBCDBA5DD80F}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{123B4B38-7616-4544-BD17-5FCE56B86229}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{9DE815F7-CB0A-4E76-948E-BC984D0456EC}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{D8C2CFEA-DBAF-468C-8323-A3C620307C0A}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{CCF86D0F-F295-4D81-8A8C-24D5383DD843}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{ADF262A4-F152-4A7A-A1F3-BC67EF90FCFE}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EE276A8C-E103-4A7E-A598-7B5B498C1F3A}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2B57D2AF-F51D-4E34-9C4E-2340D1FF29E7}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{B287D3DD-8894-4E38-A16E-C4B38089E966}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{0DCF3467-3968-4C5E-8365-C78585C7296E}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{ECD6E97C-1BF3-4105-90D9-BC56EC43EB98}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{70CCCD99-0C40-43E0-BB33-391D0DFA6260}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B91ED630-6026-4DB8-869B-E10FBA356BA5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{361F98C8-347C-444F-8CFD-F9756BC7F46A}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{AE4D9F5D-3F57-4934-ADA4-74889EE7DDC7}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{B167036C-DF2D-40A3-B595-FBAB072F35F3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{D945BF41-5788-401D-86E4-63E10B3B83C3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{15C72BF8-BB7D-4F6F-B1CD-79995E7827A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA960B7C-7352-492A-B9F5-F306B08A64ED}] => (Allow) D:\Dark Souls\DARKSOULS.exe
FirewallRules: [{7FE6573C-DD47-4D23-A757-5FF2FCCD4FE0}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{C25C4687-EADB-4E34-BFE7-0AB01D1FF95B}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{5D8278A6-EE9B-4C14-B15D-3BFBE46022EF}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{25CF85FD-17BA-44EF-8446-E7981CFC3207}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{32425C71-EF17-4DD7-BC2E-B43D5CDA0059}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{9B871024-68B6-4695-992B-3F110050DBA2}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{FCC3B80C-4DD8-4137-A5F4-0D7617D2088F}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{BC4F37AB-03F0-4692-B760-0A76F4D3FAC2}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{6FD6BD2E-0222-472F-9EF9-91224BFE1702}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{89028B63-0A48-428C-824A-1C00EAEC7177}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{459AA8BD-B418-4857-B8DE-4FB3EB3AF524}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{77532795-B254-4C80-82BA-0F0F46A1CEFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FADAFDAE-22DE-4336-B0B3-9BB66593F64F}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{AAFF26F7-C12A-4526-944A-71A92FFC9A21}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{3C697C97-05AC-485D-912C-70B25E76D3ED}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{51BC7BC6-9D5F-4F9F-ABF0-5CAD0ECF48B6}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{6B4E35C2-D801-40C3-8FFE-502F743BBFD1}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{A8FCE93C-6060-4798-BCE7-BE97CCFF4811}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{B2D28569-F65F-40A6-8394-EDF6AEC80F82}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{78642F73-D7A5-42F7-BCB1-8E79D31243E8}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B1EFE2D4-EACF-4AE2-9008-3EE77A42ED6F}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{CF356B63-1F07-4832-A569-C09796E9566D}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{AA3F5F98-A398-4E08-8A50-D7EC8DD49A71}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{C69F490D-96BF-4F3C-9188-B7B4A3EA7626}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7EA11C7F-D7A2-4F87-9762-0BABBBA3C7A7}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{B3F9FD12-292E-4F80-A8E2-3821743810EA}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{7288DB20-ABEE-44BD-AD93-3A8322D8162B}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{6DEB1122-6E51-43A7-939E-D5E3831037DA}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{DC6FB158-45CF-4E50-B06A-EC714C644166}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88DEA666-AE6F-4E51-8940-11D7846B67FF}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{CB356A17-87B7-4154-8925-2199E0747334}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{36B263EF-1BCD-4A5E-8420-8561B836780F}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{139E4B83-2071-41BC-A9F5-F574A57684D3}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{36E847EF-6931-4BE3-AE33-3621DCD1C47D}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{2F7A42E6-EAFA-47F9-BA05-7635BDE3C8AC}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9B792092-A861-4804-8425-DFCBA647A269}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{0D117CE4-6B58-44A8-971C-1F1F9E62932B}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{E55A13E6-4996-4EB3-AD00-BD14577C9E21}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{33F70723-3458-4C23-AC31-51F8008A400C}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{51CAAD20-5440-4035-BDC4-CDCAB09449BD}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FE21AF79-3F6D-4C84-9449-B6067E541B40}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2956F1C-0919-4984-921C-1D2651A8272E}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FFDA709F-FF01-40AB-8A49-7F2689D33DF3}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{491A2393-0566-4F64-903D-06BB3B2AFE91}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{35F0D035-1C1F-43A5-8A18-D407DFF43306}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C18CDF3-B98C-40D5-8E86-783278537FC6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CDED3B7-E0DE-459B-9B38-67DFBA9D943E}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{A7BBB621-BF35-4E75-AA1C-78E5BDD944D3}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E79E8A91-623E-4E53-B7C3-020DCE1DE596}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B993B00D-8C93-49D4-B20E-1AA0D4ACCB1A}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{DC0A7A2F-0F18-4079-95A7-900D9D47DC3C}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{8AEB1854-2BE6-475C-802C-01A4612F25F5}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{6D729FEC-4139-4541-8AAF-FA39D8D66E81}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{52908677-2F43-4D78-8902-611FBE5F45B2}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7CA2E376-5769-48BA-81F1-B7D10E72D755}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{D81242EC-C1A1-4D0A-8485-6FB7F9E6D8D7}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{B3B8A8CC-5EDE-4663-A687-23C5D693079D}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{88A39CC7-B2A9-4A7B-A2CC-F14644CF5809}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DAE77B98-5F31-48A6-816B-F8F3473F255F}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{D167603E-C593-404A-9FA0-476731A5E8D0}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{9418CE79-B3CE-44D1-99EA-5AB693A10778}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{A8645C68-21A9-4028-AEC9-E0E7A69FC6A6}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{4BA08073-F055-4B84-864C-73D4D5A2DAC8}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{65956AE4-3B7B-4FFE-B49B-4EEBB7CB20A5}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{CEF56466-0BEF-45AE-B2BF-7B5DFBE76B85}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{74643DA6-1395-4F24-BCF7-08BCEFDEAD34}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{12345CB9-3991-42C4-8695-EF0361765324}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{200DF5BA-9BC6-41DB-847B-F5D066F8E6E4}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{82849538-B76F-4078-97FF-84A7DBDE9FE5}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{FBEB70FB-EB9D-447C-99E4-5A858EE7DBAC}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{260094C4-E25C-48DB-B600-969C13A3BF94}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{1E1D6D1B-2FF5-4736-A97F-01201A615A47}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{352D8576-CCE3-4CCB-AD3E-988CACCC708F}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{7F231965-A7AD-4DD0-BEFB-9941550872E2}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{EBDDB44E-D1B1-4DB7-81BA-154717E0EB1F}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{1D05E884-F937-476C-80D9-34D966EF5016}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{3E0B5641-3EFE-4895-A899-4473E23CC0F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3568560B-BA94-4639-B4AF-55ACA497AF15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4B15F25-8A41-49C5-A765-2E94E9AC2262}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2D53A10C-24BF-43B9-BC16-CD7E2E3B61E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1CCAD41F-3DB4-43AD-8688-542E6C187FFC}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{6C74F922-9979-4610-85F1-1DA912961A59}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{D0C17A1C-D02D-4698-A2AC-37C1D6DA30FD}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{26C73AAF-915D-4E5D-826A-FAE0FED6EB0A}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{22993591-EFC0-4658-87BA-031496CE8A60}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{17C49006-F6BE-43FF-9E07-42E6AA7917E7}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{66B552DD-7DEA-4CF9-9C9C-B434CCE59CFD}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{A76E07E4-213B-4859-8CE8-FA95EEB37380}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{9A80CE41-8882-4D91-87F0-A4BB59D11872}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

05-04-2016 21:16:58 Windows Update
12-04-2016 16:51:32 Windows Update
14-04-2016 03:00:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/15/2016 04:35:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 04:34:07 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-15T16:34:07.538+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/14/2016 04:04:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 04:03:25 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-14T16:03:25.586+02:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/14/2016 03:31:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 03:31:31 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-14T03:31:31.312+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/13/2016 04:16:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Name des fehlerhaften Moduls: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002d0065
ID des fehlerhaften Prozesses: 0xcdc
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3

Error: (04/13/2016 04:14:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2016 04:12:52 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-13T16:12:52.695+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/12/2016 04:47:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.21.0.100, Zeitstempel: 0x56d5f4c5
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x12d8e138
ID des fehlerhaften Prozesses: 0xcb0
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3


Systemfehler:
=============
Error: (04/15/2016 04:56:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:56:27 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:54:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:54:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/15/2016 04:39:16 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


CodeIntegrity:
===================================
  Date: 2014-10-24 17:52:39.703
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.625
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.585
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.434
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.395
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.356
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.681
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.634
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 90%
Installierter physikalischer RAM: 8154.34 MB
Verfügbarer physikalischer RAM: 803.89 MB
Summe virtueller Speicher: 16306.86 MB
Verfügbarer virtueller Speicher: 7522.16 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:17.98 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:151.32 GB) NTFS
Drive e: (HP7_DEATHLY_HALLOWS_PART_2) (CDROM) (Total:6.78 GB) (Free:0 GB) UDF
Drive f: (Volume) (Fixed) (Total:1397.14 GB) (Free:132.11 GB) NTFS
Drive g: (BFII) (CDROM) (Total:3.02 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F0EA4416)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice · 17.04.2016, 03:58

Schritt: 1
Neuinstallation von Malwarebytes

Bitte lade dir folgendes Tool: mbam-clean.exe
Folge den Anweisungen und lasse den PC neustarten, wenn es verlangt wird.

Schritt: 2
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung

Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Heradi · 17.04.2016, 21:04

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.04.2016
Suchlaufzeit: 19:05
Protokolldatei: mbam.txt
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2016.04.17.05
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Ozoma

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 451326
Abgelaufene Zeit: 46 Min., 46 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

burningice · 17.04.2016, 23:05

Schritt: 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Hast du noch irgendwelche Probleme mit deinem Rechner?

Heradi · 19.04.2016, 12:37

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c96da94935ef42b00bb4b6d20c77d4
# end=init
# utc_time=2016-04-18 06:22:11
# local_time=2016-04-18 08:22:11 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Finalize
Updated modules version: 29125
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29125
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f5c96da94935ef42b00bb4b6d20c77d4
# end=updated
# utc_time=2016-04-18 07:36:36
# local_time=2016-04-18 09:36:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f5c96da94935ef42b00bb4b6d20c77d4
# engine=29125
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-18 11:24:50
# local_time=2016-04-19 01:24:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 32302 212651740 0 0
# scanned=754987
# found=81
# cleaned=0
# scan_time=13693
sh=0584C9CB92243B7573E279ED02BD398B879F0E48 ft=1 fh=2db76d2503b75670 vn="MSIL/Solvusoft.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileViewPro\FileViewPro.exe.vir"
sh=FED3068DED54AABA2A7C34BBE4EA34E66C5A0518 ft=1 fh=c71c0011f3ca19b4 vn="Variante von Win32/Toolbar.Perion.J evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\DGChrome.exe.vir"
sh=F5D0ED01E1035A91B2FAAE5A0909DEB9C6CEFBB3 ft=1 fh=86958bb315306a7f vn="Variante von Win32/Toolbar.Perion.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension32.dll.vir"
sh=FA6121A491B83D3123AFDEFC172211867BDEFF57 ft=1 fh=c2b4ac81204e0e89 vn="Variante von Win64/Toolbar.Perion.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension64.dll.vir"
sh=09A3125A130157578915859AEF6C433F7ED39C01 ft=1 fh=20aaf13582cf1552 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\ExtensionUpdaterService.exe.vir"
sh=0E7AE2A0D1AE812232F8D9977171317146D47D08 ft=1 fh=07ffa18f4a4cf8ac vn="Variante von Win32/Toolbar.BitCocktail.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\InstallerHelper.dll.vir"
sh=4F64AB4816597B0F65638C35A6EA41B4E94D5AD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\source.crx.vir"
sh=47A2E20CB1DD7EC5B9B4DBC397504DCFE8E15F7C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Firefox\chrome\content\main.js.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=16EA32333E70AC8C516FA3867B521AE714EFAFB2 ft=1 fh=c71c0011c84760bd vn="Win32/Somoto.O evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Minibar\Minibar.dll.vir"
sh=6BB16D37C39BB23A500B12BCE5CDA4182C805D6F ft=1 fh=1a2102acc8b58f79 vn="Variante von Win32/SProtector.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Ss.Helper\uninstall.exe.vir"
sh=0B9E805077320B0CE1E6620488BD34F1C4D7827E ft=1 fh=c71c00111d2b8c05 vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Doiwneload keepeeRa\2TW6QpDS.dll.vir"
sh=0B9E805077320B0CE1E6620488BD34F1C4D7827E ft=1 fh=c71c00111d2b8c05 vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Downllooad keeper\bOdeIA2.dll.vir"
sh=0B9E805077320B0CE1E6620488BD34F1C4D7827E ft=1 fh=c71c00111d2b8c05 vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DownloAud. kkEeper\O612R0Wa.dll.vir"
sh=0B9E805077320B0CE1E6620488BD34F1C4D7827E ft=1 fh=c71c00111d2b8c05 vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\DowNNlooad keepper\oOqvgRBUz4.dll.vir"
sh=415225AFD800A0D4A6D99F465FCE670CEB6FCF6F ft=1 fh=c71c00111a3a89bc vn="Variante von Win32/Adware.MultiPlug.OT Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Savensharee a\641pEoVYVkN.exe.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie2.2.0.zip.vir"
sh=65DBF1D094F3C63AD12C8F034D8D132A962FA46E ft=1 fh=073c304ffb9fa3a8 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\aapt.exe.vir"
sh=B7832A1BC15B67EEA01C25B6C688021372FB4656 ft=1 fh=217f6af847730ddc vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\CrashReport.exe.vir"
sh=85CC7149AE9F5B9C345C6E4291159EDB1E6D4AA2 ft=1 fh=28079c1ecc971f93 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\CrashRpt.dll.vir"
sh=9E2C3D7CDEDE2543CC0F7960D9837D1B6D2BE75F ft=1 fh=7a481a0f621bd9cc vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\devcon_x64.exe.vir"
sh=E54955407B312B936C2873446E59355F0EA5CA73 ft=1 fh=d287fe18b11aa882 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\devcon_x86.exe.vir"
sh=77FF724EA6530E24FBD9EA8C2D59B1B291796874 ft=1 fh=d2ee2046d07ae837 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DriverInstall_x64.exe.vir"
sh=1A8B4BA11E613DE010E51F03D89B513527846AA4 ft=1 fh=95b4c8bc1ea46e9e vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DriverInstall_x86.exe.vir"
sh=8EE77C3EA732059837B316BEEE37A0809CD68F0B ft=1 fh=77f6a6fe09a20461 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\lsusb.exe.vir"
sh=F62E24423D06DDAF273DFFBA831C25EBC13B82EE ft=1 fh=9b120be6f077dc20 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\mgadb.exe.vir"
sh=02D365A799FDCBF8C8A507FCFC69946B402FEA53 ft=1 fh=92f3782890b0d44b vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\mgusb.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\MUServer.apk.vir"
sh=8C6F55634ADBCA6FAA8101C1B2FB024B4855499D ft=1 fh=2876557c9c75ac21 vn="Variante von Win32/Adware.Mobogenie.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\OutlookOperatorC.exe.vir"
sh=A24B9FB4F38473ECAC32B472CCE9B3491B81726C ft=1 fh=c71c0011b420df55 vn="Variante von Win32/BrowserCompanion.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe.vir"
sh=E33473A547B46503C4F7D8D6095F084570496E0F ft=1 fh=3cc725458bf86889 vn="Win32/BrowserCompanion evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\BrowserCompanion\tcbhn.exe.vir"
sh=7347094BB7355D843C3B590B6944158EF33010C2 ft=1 fh=d6498a4cb5105e4e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\1mzye7mr.default\Extensions\{40C3CC16-7269-4B32-9531-17F2950FB06F}\Plugins\npConduitFirefoxPlugin.dll.vir"
sh=ABE61DFB4D7BC60E0B5FC055BF39337AA068B8D8 ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\faststartff@gmail.com\chrome\content\index.html.vir"
sh=4383C6E4FDCA1422F195521CDF41A241BC4DC0AB ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\faststartff@gmail.com\chrome\content\js\js.js.vir"
sh=42F28DA037F556ABCAB46C07305C7C0030C44F2F ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\faststartff@gmail.com\chrome\content\js\module\mostgrid.js.vir"
sh=40A9D3BEA42B052037CEE6799461413FAE30C4FF ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\faststartff@gmail.com\chrome\content\js\pack\common.js.vir"
sh=DEB9D0A1BE36DEA3215C458DC3722ACF622A20FB ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\faststartff@gmail.com\chrome\content\js\pack\xagainit.js.vir"
sh=2F016F395DA134CB240A375BD4AFE67BC4F4AACE ft=1 fh=d29baf39a786373a vn="Win32/Adware.Synatix Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Ozoma\AppData\Roaming\Windows Net Data\net.exe.vir"
sh=9EFBF2F1D28936E18B2A17CB853E8623F192E292 ft=1 fh=d263f505812ebd88 vn="Win32/Toolbar.CrossRider.O evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\FRST\Quarantine\CS Browser Assistant 2.0\CS Browser Assistant 2.0-bho.dll"
sh=7EFC16C587164083105DD52683CA453F9A64FB17 ft=1 fh=8ae64906c9422b23 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\FRST\Quarantine\CSBrowserHelper\cs-browser-assistant-2-0.exe"
sh=28E7682E6C2E29E3CEC11582C6EA8DE78F7A82F9 ft=1 fh=1843afb1c5f71d45 vn="Win32/Somoto.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Program Files (x86)\HyperCam 2\hctoolbar.exe"
sh=94DC55D7F4684907E617B7FC549920F6DABB1B6C ft=1 fh=ba6b5e56e91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{0129680E-8A29-4EDB-AC30-C20BDACA4AF8}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{28780500-896F-460B-A4E0-C14DF39B27F6}\Custom.dll"
sh=1DD769D04E61E44AD3CAF3AA28EB39B466477B34 ft=1 fh=98a68eb879f9b060 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{62513890-FAF0-49D8-AB33-B2D2B9B21A66}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{71B9088F-187D-4CAD-AE46-505FAA5A2A79}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{82DCB037-1D3A-48FB-AA10-5518593F92C1}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{958270B4-ABDF-427A-A091-E3FD4E615242}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{D3F3CA9E-04E9-4A42-A8A9-4CCB0810E868}\Custom.dll"
sh=94DC55D7F4684907E617B7FC549920F6DABB1B6C ft=1 fh=ba6b5e56e91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{E1DE377B-F244-4F25-ADCE-BA663A3D158D}\Custom.dll"
sh=1DD769D04E61E44AD3CAF3AA28EB39B466477B34 ft=1 fh=98a68eb879f9b060 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{F75CAF92-0477-4750-A5BB-4C552CBF8D64}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\InstallMate\{FA203602-DE2C-4B87-A96C-960E21C314F4}\Custom.dll"
sh=94DC55D7F4684907E617B7FC549920F6DABB1B6C ft=1 fh=ba6b5e56e91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{0129680E-8A29-4EDB-AC30-C20BDACA4AF8}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{28780500-896F-460B-A4E0-C14DF39B27F6}\Custom.dll"
sh=1DD769D04E61E44AD3CAF3AA28EB39B466477B34 ft=1 fh=98a68eb879f9b060 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{62513890-FAF0-49D8-AB33-B2D2B9B21A66}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{71B9088F-187D-4CAD-AE46-505FAA5A2A79}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{82DCB037-1D3A-48FB-AA10-5518593F92C1}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{958270B4-ABDF-427A-A091-E3FD4E615242}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{D3F3CA9E-04E9-4A42-A8A9-4CCB0810E868}\Custom.dll"
sh=94DC55D7F4684907E617B7FC549920F6DABB1B6C ft=1 fh=ba6b5e56e91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{E1DE377B-F244-4F25-ADCE-BA663A3D158D}\Custom.dll"
sh=1DD769D04E61E44AD3CAF3AA28EB39B466477B34 ft=1 fh=98a68eb879f9b060 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{F75CAF92-0477-4750-A5BB-4C552CBF8D64}\Custom.dll"
sh=E835A409250E695DD2622FFB787A9432C80D1D9E ft=1 fh=b5322d5fe91f2724 vn="Variante von Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\InstallMate\{FA203602-DE2C-4B87-A96C-960E21C314F4}\Custom.dll"
sh=712DE87D51AAC46AB47A3EB212D4530BC4FB260C ft=1 fh=06652911dc11249b vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\AppData\Local\temp\DMR\dmr_72.exe"
sh=32EA63CCAA3B483748C9B493BA98D5E480CFD5CF ft=1 fh=872aadcb87824154 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\Desktop\Challenge\Photoshop\Typesetting\NexusFont - CHIP-Installer.exe"
sh=7B83D6EBBEC8C90C468200AE683197EC40B11CDB ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.ACZ evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\Desktop\Ordner\AufrÃ¤umen unwichtiger Dateien\Wario\installer.zip"
sh=7E365573C3BB3233C7BA8528D44CA10F931C8D2D ft=1 fh=a4f3ff9ad9f809e7 vn="Win32/Vittalia.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\Desktop\Ordner\AufrÃ¤umen....again\PSP Test\Test 2\installer_sonicstage_4_3_Deutsch.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\Desktop\Ordner\Desktop zeug\IminentSetup_2-KFRPtAWP-1_.exe"
sh=1CA92C4EA18B2DE382FC69916810CB1A57DD294A ft=1 fh=5389521047dcbfc0 vn="Win32/Solvusoft.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ozoma\Downloads\Setup_FileViewPro_[2015].exe"
sh=ACC4B0183E217A2B9526DCB03D909CCB05D5DEAD ft=1 fh=8fd071d8d108cb71 vn="Variante von Win32/ELEX.GY evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\SysWOW64\msvcp100.dll"
sh=99B55248D1BE83258E3A9BB7D73FABD1D7FDF10C ft=1 fh=b7f3a8ed85fd25c7 vn="Variante von Win32/ELEX.GY evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\SysWOW64\msvcr100.dll"
sh=CBF551E30BE4D1F1D63254FE677C5DC8DD58DAB3 ft=1 fh=288286e22c9149de vn="Variante von Win32/Toolbar.Perion.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\update[1]"
sh=7E4EB6BE72F03DDF2517B0176EBB1FE6A9B47576 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="D:\RÃ¼berziehen\Neu\I Wanna Kill The Kamilia 3 v1.30.zip"
sh=FFF9AC921E38045BF9FFAB6693DB191FEF656A9A ft=1 fh=e4f51885f31bbe61 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="D:\RÃ¼berziehen\Neu\K3\I Wanna Kill The Kamilia 3 v1.30.exe"
sh=1F103692D20FB119B64F951B27CFE9E5AB2DE301 ft=1 fh=8edf59d8455c51dd vn="Variante von Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Datensicherung\Desktop zeug\HC2Setup.exe"
sh=9BF9AD26905468017C8030705365EDE7503E5772 ft=1 fh=12cb482e0191ec72 vn="Variante von Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Datensicherung\Desktop zeug\HC2Setup64.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Datensicherung\Desktop zeug\IminentSetup_2-KFRPtAWP-1_.exe"
sh=690B67EAEF24286588EE98ECF72AADCF21F4A658 ft=1 fh=8dde4a59d16bf16b vn="Win32/Toolbar.Montiera.I evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Datensicherung\Desktop zeug\softonic_ggl_1.5.24.3.exe"
sh=1F103692D20FB119B64F951B27CFE9E5AB2DE301 ft=1 fh=8edf59d8455c51dd vn="Variante von Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Desktop zeug\HC2Setup.exe"
sh=9BF9AD26905468017C8030705365EDE7503E5772 ft=1 fh=12cb482e0191ec72 vn="Variante von Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Desktop zeug\HC2Setup64.exe"
sh=8DB51595492609FFF73800174DDBC6363C1DA181 ft=1 fh=e03aa7f093055e9b vn="Variante von Win32/Toolbar.Iminent.K evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Desktop zeug\IminentSetup_2-KFRPtAWP-1_.exe"
sh=690B67EAEF24286588EE98ECF72AADCF21F4A658 ft=1 fh=8dde4a59d16bf16b vn="Win32/Toolbar.Montiera.I evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Desktop zeug\softonic_ggl_1.5.24.3.exe"
sh=B31ED7A213C782AE118F6E21112F8D833E290513 ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.NY evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\Kingdom Hearts Final Mix\NESBattleKidFortressOfPerilFULLNESROM125KB.rar"

Frst

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Ozoma (Administrator) auf OZOMA-PC (19-04-2016 13:27:11)
Gestartet von C:\Users\Ozoma\Desktop
Geladene Profile: Ozoma (Verfügbare Profile: Ozoma)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LINE Corporation) C:\Program Files (x86)\LINE\LINE.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) D:\Steam\Steam.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Dropbox, Inc.) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [DAEMON Tools Lite] => D:\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Dropbox Update] => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-16] (Dropbox, Inc.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [LINE] => C:\Program Files (x86)\LINE\line.exe [17227240 2016-03-10] (LINE Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Run: [Steam] => D:\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Ozoma\Desktop\IMG005~1.SCR
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992 2009-07-14] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Winsock: Catalog5-x64 01 C:\Windows\System32\mswsock.dll [327168 2013-09-08] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{027C0094-CB13-4C44-920B-6595D581C01B}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {371DBE33-47B9-4EA9-ADBA-E5886E44D4E9} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {96CEEE20-AFBC-439F-8348-317552AEDFF2} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {9A278DCD-E49C-4FA0-8988-6C51AF86CEAA} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-3620531602-815428446-3748077359-1001 -> {FA5B4673-0177-431A-BF39-E3B5DA5A21AA} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-03-02] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Session Restore: -> ist aktiviert.
FF Keyword.URL: hxxps://www.google.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3620531602-815428446-3748077359-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ozoma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Extension: ExHentai Easy 2 - C:\Users\Ozoma\AppData\Roaming\Mozilla\Firefox\Profiles\xf4j3rjr.default-1389032603445\Extensions\jid1-7NbXi2AqS1oUFw@jetpack.xpi [2015-02-02] [ist nicht signiert]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-02-20] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://websearch.searchdwebs.info/?pid=34&r=2013/06/20&hid=952745596&lg=EN&cc=DE&unqvl=22","hxxp://www.youtube.com/watch?v=b3WNiI7OtT0","hxxp://www.youtube.com/watch?v=MOY1QbcH3a4","hxxp://www.detektiv-conan.ch/index.php?page=jpnepisoden.php&episoden=681697","hxxp://detektivconan-wiki.com/wiki/Liste_der_Anime-Episoden","hxxp://megaman.wikia.com/wiki/List_of_Mega_Man_6_enemies","hxxp://www.youtube.com/watch?v=DeHHPLMMCfs","hxxp://www.youtube.com/watch?v=n8ofa-afC6c&list=WL012A62390FD9B1E6","hxxp://www.youtube.com/watch?v=TLVGmvmNitg&list=SP2B009153AC977F90","hxxp://www.burning-seri.es/serie/Akte-X/1/17-Taeuschungsmanoever","hxxp://www.burning-seri.es/serie/Startrek-Enterprise/1/20-Schiff-der-Geister/PutLocker-1","hxxp://annayseult.blogspot.de/?zx=e8d1c655866936ed","hxxp://www.youtube.com/results?search_query=megaman+folge+3&oq=megaman+folge+3&gs_l=youtube.3..0l3.1499583.1500130.0.1500560.2.2.0.0.0.0.197.262.1j1.2.0...0.0...1ac.1.11.youtube.oNVa4RtNhJ8","hxxps://mail.google.com/mail/u/0/?ui=2&shva=1#inbox","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/06/28&hid=952745596&lg=EN&cc=DE","hxxp://searchiy.gboxapp.com/?pid=500&src=ch1&r=2013/07/17&hid=952745596&lg=EN&cc=DE"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-08]
CHR Extension: (Google Docs) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-08]
CHR Extension: (Google Drive) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-08]
CHR Extension: (YouTube) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-08]
CHR Extension: (Adblock Plus) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-10]
CHR Extension: (Google-Suche) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Tampermonkey) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2016-04-11]
CHR Extension: (Google Tabellen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-08]
CHR Extension: (Google Docs Offline) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Ozoma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-08]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Ozoma\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-09-09]
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3620531602-815428446-3748077359-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-15] () [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2016-02-13] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-23] ()
S4 RemoteAccess; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-12-27] (Microsoft Corporation) [Datei ist nicht signiert]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [746392 2013-03-20] (Tunngle.net GmbH) [Datei ist nicht signiert]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-07-12] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-31] (DT Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-07-24] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 20:19 - 2016-04-18 20:19 - 02870984 _____ (ESET) C:\Users\Ozoma\Desktop\esetsmartinstaller_deu.exe
2016-04-17 22:03 - 2016-04-17 22:03 - 00001197 _____ C:\Users\Ozoma\Desktop\mbam.txt
2016-04-17 08:11 - 2016-04-19 13:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-17 08:11 - 2016-04-17 08:11 - 00001108 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-04-17 08:11 - 2016-04-17 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-17 08:11 - 2016-04-17 08:11 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-17 08:11 - 2016-04-17 08:11 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-04-17 08:11 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-17 08:11 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-17 08:11 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-17 08:09 - 2016-04-17 08:10 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043 (2).exe
2016-04-17 08:03 - 2016-04-17 08:03 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Ozoma\Desktop\mbam-clean-2.1.1.1001.exe
2016-04-15 16:39 - 2016-04-15 16:39 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043 (1).exe
2016-04-15 16:18 - 2016-04-15 16:18 - 03677760 _____ C:\Users\Ozoma\Desktop\AdwCleaner_5.111.exe
2016-04-15 12:48 - 2016-04-15 12:48 - 00003775 _____ C:\Users\Ozoma\Desktop\ckfiles.txt
2016-04-15 12:37 - 2016-04-15 12:37 - 00468480 _____ () C:\Users\Ozoma\Desktop\CKScanner.exe
2016-04-15 07:55 - 2016-04-15 07:55 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 22:48 - 2016-04-14 22:59 - 00209110 _____ C:\TDSSKiller.3.1.0.9_14.04.2016_22.48.31_log.txt
2016-04-14 22:47 - 2016-04-14 22:47 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Ozoma\Desktop\tdsskiller.exe
2016-04-14 22:45 - 2016-04-15 16:57 - 00076410 _____ C:\Users\Ozoma\Desktop\Addition.txt
2016-04-14 22:38 - 2016-04-19 13:27 - 00029051 _____ C:\Users\Ozoma\Desktop\FRST.txt
2016-04-14 22:37 - 2016-04-14 22:38 - 02375168 _____ (Farbar) C:\Users\Ozoma\Desktop\FRST64.exe
2016-04-14 18:29 - 2016-04-14 18:29 - 22851472 _____ (Malwarebytes ) C:\Users\Ozoma\Desktop\mbam-setup-2.2.1.1043.exe
2016-04-13 17:14 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 17:14 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 17:14 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 17:14 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 17:14 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 17:14 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 17:14 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 17:14 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 17:14 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 17:14 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 17:14 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 17:14 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 17:14 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 17:14 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 17:14 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 17:14 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 17:13 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 17:13 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 17:13 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 17:13 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 17:13 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 17:13 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 17:13 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 17:13 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 17:13 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 17:13 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 17:13 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 17:13 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 17:13 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 17:13 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 17:13 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 17:13 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 17:13 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 17:13 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 17:13 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 17:13 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 17:13 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 17:13 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 17:13 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 17:13 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 17:13 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 17:13 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 17:13 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 17:13 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 17:13 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 17:13 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 17:13 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 17:13 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 17:13 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 17:13 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 17:13 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 17:13 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 17:13 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 17:13 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 17:13 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 17:13 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 17:13 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 17:13 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 17:13 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 17:13 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 17:13 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 17:13 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:13 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 17:13 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 17:13 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 17:13 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 17:13 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 17:13 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 17:13 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 17:13 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 17:13 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 17:13 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 17:13 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 17:13 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 17:13 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:13 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:13 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 17:12 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:12 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 17:12 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 17:12 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 17:12 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 17:12 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-08 00:28 - 2016-04-08 00:28 - 05934784 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-06 16:07 - 2016-04-06 16:07 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-05 19:40 - 2016-04-05 19:40 - 00000844 _____ C:\Users\Ozoma\AppData\Local\recently-used.xbel
2016-04-05 19:39 - 2016-04-05 19:39 - 00000000 ____D C:\Users\Ozoma\.fontconfig
2016-04-03 20:40 - 2016-04-03 20:39 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 5.nes
2016-03-31 21:59 - 2016-03-31 21:59 - 00006235 _____ C:\Users\Ozoma\Desktop\^414E80C65348E4630387FDD2AB4066B16597FC635919258E64^pimgpsh_thumbnail_win_distr.jpg
2016-03-31 21:46 - 2016-03-31 21:53 - 00393232 _____ C:\Users\Ozoma\Desktop\Overload 4.nes
2016-03-31 20:39 - 1997-05-19 21:36 - 00393232 ____R C:\Users\Ozoma\Desktop\Mega Man 3 (U) [!].nes
2016-03-30 22:16 - 2016-03-30 22:16 - 00000000 ____D C:\Users\Ozoma\Desktop\Cache
2016-03-28 14:08 - 2016-03-28 14:06 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 4.nes
2016-03-28 13:44 - 2016-03-28 13:44 - 00000022 _____ C:\Users\Ozoma\Desktop\Story.txt
2016-03-26 14:48 - 2016-03-26 14:44 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 3.nes
2016-03-20 02:34 - 2016-03-17 02:49 - 00524304 _____ C:\Users\Ozoma\Desktop\Overload 3 Beta Test 2.nes

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 13:34 - 2012-04-24 08:18 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Skype
2016-04-19 13:27 - 2013-11-25 15:51 - 00000000 ____D C:\FRST
2016-04-19 13:21 - 2015-07-16 05:09 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job
2016-04-19 13:21 - 2014-07-13 17:08 - 00000000 ___RD C:\Users\Ozoma\Dropbox
2016-04-19 13:20 - 2014-01-11 17:38 - 00000000 ____D C:\ProgramData\VMware
2016-04-19 13:20 - 2013-05-11 14:54 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 13:20 - 2013-04-29 20:53 - 00000000 ____D C:\Users\Ozoma\AppData\Local\LogMeIn Hamachi
2016-04-19 13:19 - 2012-04-18 07:46 - 00000000 ____D C:\ProgramData\NVIDIA
2016-04-19 13:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 02:32 - 2015-07-16 05:09 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job
2016-04-19 02:28 - 2013-01-04 00:39 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-19 02:17 - 2013-05-11 14:54 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 00:13 - 2015-09-01 00:37 - 00005290 _____ C:\Users\Ozoma\Desktop\Mögliche Mangaprojekte.txt
2016-04-18 17:10 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 17:10 - 2009-07-14 06:45 - 00027920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-17 21:11 - 2014-01-06 20:12 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2016-04-16 14:02 - 2016-02-05 15:45 - 00001221 _____ C:\Users\Ozoma\Desktop\Neues Textdokument (2).txt
2016-04-15 23:52 - 2012-08-17 00:56 - 00030720 _____ C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-15 16:31 - 2013-11-25 16:24 - 00000000 ____D C:\AdwCleaner
2016-04-15 16:20 - 2012-04-20 23:59 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\TS3Client
2016-04-15 16:16 - 2014-03-30 17:29 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Battle.net
2016-04-15 07:56 - 2014-07-13 17:05 - 00000000 ____D C:\Users\Ozoma\AppData\Roaming\Dropbox
2016-04-15 07:55 - 2015-07-16 05:09 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Dropbox
2016-04-14 04:08 - 2015-03-11 05:06 - 00000000 ____D C:\Windows\rescache
2016-04-14 03:31 - 2009-07-14 06:45 - 04927232 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-14 03:11 - 2013-09-06 01:05 - 00000000 ____D C:\Windows\system32\MRT
2016-04-14 03:04 - 2012-07-23 17:49 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 20:38 - 2015-03-21 21:19 - 00000000 ____D C:\Users\Ozoma\Desktop\Challenge
2016-04-12 02:21 - 2016-01-08 19:41 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 00:28 - 2013-12-11 16:28 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 00:28 - 2013-01-04 00:39 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 00:28 - 2012-04-21 19:09 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-06 16:07 - 2015-12-04 04:51 - 00000932 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-05 19:41 - 2012-10-01 17:39 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Paint.NET
2016-04-05 19:41 - 2012-07-08 22:19 - 00000000 ____D C:\Users\Ozoma\.gimp-2.6
2016-04-05 19:39 - 2012-04-20 23:45 - 00000000 ____D C:\Users\Ozoma
2016-04-05 16:18 - 2013-01-20 14:24 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-04-03 20:40 - 2016-03-13 13:39 - 00000000 ____D C:\Users\Ozoma\Desktop\Overload Test
2016-04-02 12:39 - 2016-01-28 23:02 - 00000000 ____D C:\ProgramData\F-Secure
2016-03-20 17:03 - 2015-06-18 19:03 - 00000000 ____D C:\Users\Ozoma\AppData\Local\Daedalic Entertainment GmbH

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-29 11:02 - 2016-01-25 19:37 - 0000132 _____ () C:\Users\Ozoma\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-07-10 22:24 - 2012-07-13 19:06 - 0000096 _____ () C:\Users\Ozoma\AppData\Roaming\Camdata.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamLayout.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0000408 _____ () C:\Users\Ozoma\AppData\Roaming\CamShapes.ini
2012-07-10 22:24 - 2012-07-13 19:06 - 0004416 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.cfg
2012-07-13 18:19 - 2012-07-13 18:19 - 0000000 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.Data.ini
2012-07-13 18:19 - 2012-07-13 18:19 - 0001206 _____ () C:\Users\Ozoma\AppData\Roaming\CamStudio.Producer.ini
2015-02-27 17:14 - 2015-02-27 17:14 - 0000194 _____ () C:\Users\Ozoma\AppData\Roaming\dmsettings.xml
2004-01-26 17:15 - 2004-01-26 17:15 - 0233472 ____R () C:\Users\Ozoma\AppData\Roaming\MafiaSetup.exe
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\winbras.sys
2012-08-19 23:15 - 2012-08-21 11:03 - 0000000 ____H () C:\Users\Ozoma\AppData\Roaming\windrvconfig.txt
2012-08-17 00:56 - 2016-04-15 23:52 - 0030720 _____ () C:\Users\Ozoma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-05 19:40 - 2016-04-05 19:40 - 0000844 _____ () C:\Users\Ozoma\AppData\Local\recently-used.xbel
2012-07-08 23:49 - 2014-08-18 23:22 - 0007602 _____ () C:\Users\Ozoma\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Ozoma\AppData\Local\temp\drm_dialogs.dll
C:\Users\Ozoma\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpl70lnf.dll
C:\Users\Ozoma\AppData\Local\temp\ICSharpCode.SharpZipLib.dll
C:\Users\Ozoma\AppData\Local\temp\libeay32.dll
C:\Users\Ozoma\AppData\Local\temp\msvcr120.dll
C:\Users\Ozoma\AppData\Local\temp\Quarantine.exe
C:\Users\Ozoma\AppData\Local\temp\SkypeSetup.exe
C:\Users\Ozoma\AppData\Local\temp\sqlite3.dll
C:\Users\Ozoma\AppData\Local\temp\YgoUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-18 04:26

==================== Ende von FRST.txt ============================

Heradi · 19.04.2016, 12:38

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Ozoma (2016-04-19 13:34:47)
Gestartet von C:\Users\Ozoma\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-04-20 21:45:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3620531602-815428446-3748077359-500 - Administrator - Disabled)
fbwuser (S-1-5-21-3620531602-815428446-3748077359-1004 - Limited - Enabled)
Gast (S-1-5-21-3620531602-815428446-3748077359-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3620531602-815428446-3748077359-1003 - Limited - Enabled)
Ozoma (S-1-5-21-3620531602-815428446-3748077359-1001 - Administrator - Enabled) => C:\Users\Ozoma

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Angry Video Game Nerd Adventures (HKLM-x32\...\Steam App 237740) (Version:  - FreakZone Games)
AnkhBotR2 version 1.0.0.16 (HKLM-x32\...\{08D3C5BB-C492-4916-B111-725081845380}_is1) (Version: 1.0.0.16 - Marcin Swierzowski aka AnkhHeart)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Ascend: Hand of Kul (HKLM-x32\...\Steam App 233630) (Version:  - Signal Studios)
Audacity Recovery Utility (HKLM-x32\...\AURC_is1) (Version:  - Markus Meyer)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Bardbarian (HKLM-x32\...\Steam App 269490) (Version:  - TreeFortress Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Beyond Divinity (HKLM-x32\...\{4C9BE645-3EF8-335D-9A7C-77F2A8689C5E}_is1) (Version: 1.0.7 - )
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
CH2_1Demo (HKLM-x32\...\UDK-15b41068-9227-4540-bf45-79ec3a1d0195) (Version:  - Epic Games, Inc.)
CH2E1.1 (HKLM-x32\...\UDK-c126d00d-307a-404d-94b3-39a023e4f252) (Version:  - Epic Games, Inc.)
CH2Ep1 (HKLM-x32\...\UDK-a9cfc93b-489d-4dcf-bda6-ef42d613f81b) (Version:  - Epic Games, Inc.)
Craften Terminal 4.1.2 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.1.2 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
'Das Achte Weltwunder' (HKLM-x32\...\'Das Achte Weltwunder') (Version:  - )
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version:  - Daedalic Entertainment)
DEVIL MAY CRY 4 BENCHMARK (HKLM-x32\...\{B824BEEF-262B-4B48-9984-D0C6B43C40DD}) (Version: 1.00.000 - CAPCOM CO., LTD.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: 0.2.0.7162 - Blizzard Entertainment)
Divine Divinity (HKLM-x32\...\{9278c4eb-1dfd-44ec-a0bb-3696f36a2767}_is1) (Version: 1.0.7 - )
Divine Divinity (HKLM-x32\...\Divine Divinity) (Version:  - )
Divine Divinity (HKLM-x32\...\Divine Divinity_is1) (Version:  - GOG.com)
Divinity II - Developer's Cut (HKLM-x32\...\CDCE6956-DCDC-4F82-ACA0-E4C7BAD6B26A_is1) (Version: 1.4 - Larian)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
Dropbox (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
ep2v1.0 (HKLM\...\UDK-c429a1cb-a825-4d9b-9244-6524f32619d2) (Version:  - Epic Games, Inc.)
Ep2v1.3.1 (HKLM\...\UDK-2a05942d-2635-4510-9d16-90851ac5f19d) (Version:  - Epic Games, Inc.)
EP2v1.4 (HKLM\...\UDK-4c647596-6948-492d-bfab-d89ca48f0bd3) (Version:  - Epic Games, Inc.)
Ep3v1.21 (HKLM-x32\...\UDK-8cd56b9e-f402-46df-81d4-78eee2dfccef) (Version:  - Epic Games, Inc.)
EP3v1.4 (HKLM-x32\...\UDK-9be77e23-cec9-4fbf-9d6f-45eb0e6107d0) (Version:  - Epic Games, Inc.)
EP4v1.0 (HKLM-x32\...\UDK-a4faf819-0f87-491e-adfd-7130f6f290df) (Version:  - Epic Games, Inc.)
Ep4v1.1ee (HKLM-x32\...\UDK-26c9a51b-9515-4f59-8e88-c1aca495ebfe) (Version:  - Epic Games, Inc.)
Ep5v1.01 (HKLM-x32\...\UDK-e37a630b-5d78-4674-848a-ddf58d95ca9d) (Version:  - Epic Games, Inc.)
Episode 1 1.0b (HKLM-x32\...\Episode 1 1.0b) (Version: 1.0b - Whorecraft 2)
Episode 1 1.1 (HKLM-x32\...\Episode 1 1.1) (Version: 1.1 - Whorecraft 2)
episode 4 1.1ee (HKLM-x32\...\episode 4 1.1ee) (Version: 1.1ee - Whorecraft)
Episode 5 1.01 (HKLM-x32\...\Episode 5 1.01) (Version: 1.01 - Whorecraft)
Episode1 Demo (HKLM-x32\...\Episode1 Demo) (Version: Demo - Whorecraft 2)
Eryi's Action (HKLM-x32\...\Steam App 261700) (Version:  - Xtal Sword)
Evoland (HKLM-x32\...\Steam App 233470) (Version:  - Shiro Games)
FormatFactory 2.96 (HKLM-x32\...\FormatFactory) (Version: 2.96 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Gajim (HKLM-x32\...\Gajim) (Version: 0.16.3 - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Giana Sisters: Twisted Dreams - Rise of the Owlverlord (HKLM-x32\...\Steam App 246960) (Version:  - Black Forest Games)
GIMP 2.6.12 (HKLM\...\GIMP-2_is1) (Version: 2.6.12 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might & Magic V: Hammers of Fate (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200091}) (Version:  - )
Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )
Heroes of Might and Magic V (HKLM-x32\...\{20071984-5EB1-4881-8EDB-082532ACEC6D}) (Version:  - )
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Historion Version 1.0 (HKLM-x32\...\Historion) (Version:  - )
How to Survive (HKLM-x32\...\Steam App 250400) (Version:  - )
HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.00 - Hyperionics Technology LLC)
ILLUSION BattleRaper2 (HKLM-x32\...\{32470264-B8B8-408E-A404-73A9DF16B8FE}) (Version: 1.00.0000 - ILLUSION)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Infestation: Survivor Stories (HKLM-x32\...\Steam App 226700) (Version:  - Hammerpoint Interactive)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JumpJet Rex (HKLM-x32\...\Steam App 329460) (Version:  - TreeFortress Games)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LIMBO (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Limbo) (Version:  - )
LINE (HKLM-x32\...\LINE) (Version: 4.5.0.873 - LINE Corporation)
LittleDemo (HKLM\...\UDK-839faa2d-bf16-4951-99bc-21a472f6cb93) (Version:  - Epic Games, Inc.)
LittleDemo (HKLM\...\UDK-9c0cafad-4317-466e-9f0a-7c1b37ff88cd) (Version:  - Epic Games, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Mafia (HKLM-x32\...\Mafia) (Version:  - )
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mega Man Legacy Collection (HKLM\...\Steam App 363440) (Version:  - Capcom)
Megaman - Revenge of the Fallen (HKLM-x32\...\Megaman - Revenge of the Fallen) (Version:  - )
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.8 1.00 (HKLM-x32\...\Minecraft 1.8 1.00) (Version:  - )
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mumble 1.2.4 (HKLM-x32\...\{AF348C2E-7596-481B-92E0-B211836AB949}) (Version: 1.2.4 - Thorvald Natvig)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.51.0 - Black Tree Gaming)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.16 (HKLM\...\{D7FAEA32-7CE3-4D9F-9139-F7B87BCC50AF}) (Version: 4.3.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Pokemon Game Editor (HKLM-x32\...\{D5B7B2BB-6B7E-4AD4-9F2F-7CCF2B48AA58}) (Version: 1.0.0.0 - 0xRH)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
R.U.S.E (HKLM-x32\...\Steam App 21970) (Version:  - Ubisoft)
Randal's Monday (HKLM-x32\...\Steam App 314810) (Version:  - Nexus Game Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGXP (HKLM-x32\...\{9B34CAC6-738F-4A20-B428-A115C3E3474C}) (Version: 1.0.0 - Enterbrain)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Shadowgrounds (HKLM-x32\...\Steam App 2500) (Version:  - Frozenbyte)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Mario Bros. X version 1.3 (HKLM-x32\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18.1 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
TechnoMage (HKLM-x32\...\TechnoMage) (Version:  - )
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls Arena (HKLM-x32\...\{62E2BBFA-BE97-42CD-AE89-A4EEF7F36992}) (Version: 1.00.0000 - Bethesda Softworks)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version:  - Iron Lore Entertainment)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version:  - Iron Lore Entertainment)
Tobias and the Dark Sceptres (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\Tobias and the Dark Sceptres) (Version:  - )
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version:  - Nadeo)
TreeSize Free V3.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.1 - JAM Software)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.)
UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: 1.0.8.0 - Epic Games, Inc.)
UE4 Prerequisites (x86) (x32 Version: 1.0.8.0 - Epic Games, Inc.) Hidden
UltraISO Premium V9.53 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unity Web Player (HKU\S-1-5-21-3620531602-815428446-3748077359-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-500ce7d3-b1a2-4d48-9fc2-606f9a0881b8) (Version:  - Epic Games, Inc.)
Unreal Development Kit: 2012-10 (HKLM\...\UDK-f57ea555-07bd-4398-93bb-8dc4222dc97d) (Version:  - Epic Games, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
VVVVVV (HKLM-x32\...\Steam App 70300) (Version:  - Terry Cavanagh)
Warlords Battlecry II (HKLM-x32\...\Warlords Battlecry II) (Version:  - )
WCEp1FreeDemo (HKLM\...\UDK-a087dcb5-0a4e-4ffb-8159-4eb092e7f2b4) (Version:  - Epic Games, Inc.)
WhoreCraft (HKLM-x32\...\WhoreCraft1.6.1r) (Version: 1.6.1r - DaemiaCo)
Whorecraft (HKLM-x32\...\WhorecraftEpisode1) (Version: Episode1 - AY)
Whorecraft 1.4 (HKLM-x32\...\Whorecraft 1.4) (Version: 1.4 - DC)
WhoreCraft Episode 3 (HKLM-x32\...\WhoreCraft Episode 3v1.3.1) (Version: v1.3.1 - DaemiaCo)
Whorecraft Episode 3 1.21 (HKLM-x32\...\Whorecraft Episode 3 1.21) (Version: 1.21 - DaemiaCo)
Whorecraft v.1.0r (HKLM-x32\...\Whorecraft v.1.0r) (Version: v.1.0r - DC)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
X-Change (HKLM-x32\...\X-Change) (Version:  - )
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
XXXmas (HKLM-x32\...\UDK-3e00fd63-559c-41f4-bae2-51cac0817293) (Version:  - Epic Games, Inc.)
XXXmas 1.0 (HKLM-x32\...\XXXmas 1.0) (Version: 1.0 - DC)
YGOPro DevPro (HKLM-x32\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)
YGOPro DevPro Version 1.9.2r2 (HKLM-x32\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.2r2 - YGOPro DevPro Online)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3620531602-815428446-3748077359-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0259C9A4-42A1-4223-8237-4EB291D5B2DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {02BEB1D2-34AA-4F6B-9D89-0CF5D036D26B} - System32\Tasks\{50F1FEFD-11AE-42FC-AB55-11893344A904} => pcalua.exe -a C:\Users\Ozoma\AppData\Roaming\awesomehp\UninstallManager.exe
Task: {06871124-6745-4C44-A4CD-B4AF2148288A} - System32\Tasks\{566421A7-5D4C-49FE-8D1C-4FBD28658795} => pcalua.exe -a "C:\Users\Ozoma\Downloads\World of Warcraft Beta Setup.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {06DB7695-FC2F-4574-9CF9-91B0681EF6E5} - System32\Tasks\{F823224C-61C4-43CC-8B2A-8B74EA5C6255} => pcalua.exe -a "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft Episode 3\Episode 4\Episode 4 Extendet\episode 4\Episode 5\Episode 5\Ep 2 Ch 1\Episode 1\Binaries\UnSetup.exe" -d "F:\Whorecraft the game\Version 1.6\Episode 2\Version 1.3\Version 1.4\Episode 3\Whorecraft E (Der Dateneintrag hat 97 mehr Zeichen).
Task: {2F998368-F010-48EB-98DB-DDD32F5F9939} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {319133E1-FFE2-431C-A518-CCDF27B73499} - System32\Tasks\{C24B1FFD-A9C8-4B74-ABB5-E41FFD5932B7} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3905ACF4-C1B0-4A76-899E-539BB34B91F1} - System32\Tasks\{D857609A-6630-4AF6-8166-5D4EF50910E9} => D:\Mafia\Game.exe [2012-07-22] (Illusion Softworks)
Task: {3FC8F15C-78E3-49D6-B1BE-F2A110A0842F} - System32\Tasks\{A2CF9638-445D-49EA-AFF8-6129022B3F25} => pcalua.exe -a C:\Users\Ozoma\Downloads\ExtractAppsMuseum.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {40EF25DD-EC52-49FF-9A38-2D7963BA5798} - System32\Tasks\{26053BC0-EC68-406D-8A20-F73FC9C92A51} => pcalua.exe -a G:\SETUP.EXE -d G:\
Task: {4790F602-0373-4531-AC19-B7A1FE503282} - System32\Tasks\{993C28E3-6A43-46DD-90DC-D8F20C37B1D8} => pcalua.exe -a C:\Users\Ozoma\Downloads\MassEffect_EFIGS_1.02.exe -d C:\Users\Ozoma\Downloads
Task: {681D2A92-2606-4D0E-AE26-5B5F771D5548} - System32\Tasks\{FD6937A7-3144-47D4-8F68-C7C5C1BEA4DF} => C:\Users\Ozoma\Desktop\rockman4editor.exe
Task: {6B79D072-A49E-4EDE-91BF-6B990CE0E65B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {725A48C2-0E75-4B66-BD18-9DA716A63DFB} - System32\Tasks\{270D9DA6-F298-4E08-837F-B41D9B8274EF} => pcalua.exe -a "C:\Users\Ozoma\Desktop\Movie\Battle Raper II\StartSetup.exe" -d "C:\Users\Ozoma\Desktop\Movie\Battle Raper II"
Task: {93D88F33-7CEA-4CE9-8302-0C6158E94E00} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {99638B5C-8334-4597-90E4-EEED74C75A3A} - System32\Tasks\{884D5AAD-8A91-41B2-B3CB-0A9582E487B6} => pcalua.exe -a C:\Users\Ozoma\Downloads\Feuergrun_v3.exe -d C:\Users\Ozoma\Downloads
Task: {9EC6B231-CFB6-4BAC-A4DC-CC81B8942798} - System32\Tasks\{2037B8E8-FB71-47DF-AB06-1ED90DB147B5} => pcalua.exe -a E:\SetupLauncher.exe -d E:\
Task: {CF04BBD5-2CDD-41B8-A0BF-33D0CF75387F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-08] (Adobe Systems Incorporated)
Task: {E35BAAEB-E172-4440-9197-932DFCFFF826} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-16] (Dropbox, Inc.)
Task: {E8044BD9-F79E-40D0-8D1B-7CD0EA111514} - System32\Tasks\{70ED74C1-E954-450F-9297-AD5012BCA5FF} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)
Task: {F05F58A7-4FCC-4AF9-A825-2271831953A5} - System32\Tasks\{E0D3616E-970D-49EC-B866-F3F1934D07E3} => D:\Battlecry II.exe [2002-02-25] (Strategic Studies Group)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001Core.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3620531602-815428446-3748077359-1001UA.job => C:\Users\Ozoma\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Full Screen).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Full Screen).bat ()
Shortcut: C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Arena\Launch Arena (Windowed).lnk -> C:\Program Files (x86)\Bethesda Softworks\Arena\Arena (Windowed).bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-04-18 07:46 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-23 18:39 - 2014-04-23 18:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2016-03-10 09:20 - 2016-03-10 09:20 - 03783656 _____ () C:\Program Files (x86)\LINE\ampkit_windows.dll
2016-03-09 08:44 - 2016-03-09 08:44 - 00123368 _____ () C:\Program Files (x86)\LINE\PlayerHelper.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 07816192 _____ () D:\avcodec-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00188416 _____ () D:\avutil-52.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 01425920 _____ () D:\avformat-54.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00336896 _____ () D:\swscale-2.dll
2014-01-03 13:03 - 2014-01-03 13:03 - 00096256 _____ () D:\swresample-0.dll
2013-03-12 17:10 - 2016-03-11 02:56 - 00783360 _____ () D:\Steam\SDL2.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-02-07 20:00 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2014-05-24 16:58 - 2016-03-31 22:55 - 02549840 _____ () D:\Steam\video.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00491008 _____ () D:\Steam\libavformat-56.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-10-05 00:56 - 2016-02-09 01:14 - 00485888 _____ () D:\Steam\libswscale-3.dll
2012-06-01 19:07 - 2016-03-31 22:55 - 00829008 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-16 00:24 - 2016-02-18 00:25 - 00281088 _____ () D:\Steam\openvr_api.dll
2013-10-18 13:46 - 2013-10-18 13:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2015-12-12 13:23 - 2016-03-21 23:50 - 00034768 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-04-15 07:54 - 2016-03-21 23:51 - 00019408 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00116688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 13:23 - 2016-03-21 23:50 - 00093640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00018376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00019760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00105928 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00392144 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 13:23 - 2016-04-08 20:20 - 00381752 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00692688 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020816 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 13:23 - 2016-03-21 23:51 - 00112592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 01682760 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00021840 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00038696 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-04-15 07:54 - 2016-03-21 23:52 - 00020936 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024528 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00114640 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00124880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00021832 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00175560 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00030160 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00043472 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00028616 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00048592 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00026456 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00057808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00024016 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00117056 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 13:23 - 2016-04-08 20:20 - 00023376 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 13:23 - 2016-03-21 23:50 - 00134608 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-04-15 07:54 - 2016-03-21 23:50 - 00134088 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-04-15 07:54 - 2016-03-21 23:51 - 00240584 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00024392 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-04-15 07:54 - 2016-03-21 23:52 - 00036296 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\librsync.dll
2016-04-15 07:54 - 2016-04-08 20:19 - 00052024 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00021824 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00019776 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00020800 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00020280 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 13:23 - 2016-03-21 23:52 - 00350152 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-12 06:05 - 2016-04-08 20:20 - 00022352 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-04-15 07:54 - 2016-04-08 20:19 - 00084280 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-04-15 07:54 - 2016-04-08 20:20 - 01826096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 13:23 - 2016-03-21 23:51 - 00083912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\sip.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 03928880 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 01971504 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00531248 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00132912 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00223544 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00207672 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00158008 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00042808 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-04-15 07:54 - 2016-03-21 23:54 - 00017864 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-04-15 07:54 - 2016-03-21 23:54 - 01631184 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-12 13:23 - 2016-04-08 20:20 - 00024904 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00546096 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-04-15 07:54 - 2016-04-08 20:20 - 00357680 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-03-04 23:45 - 2016-03-21 23:56 - 00697304 _____ () C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2016-04-19 13:20 - 2016-04-19 13:20 - 00098816 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32api.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00110080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\pywintypes27.dll
2016-04-19 13:20 - 2016-04-19 13:20 - 00364544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\pythoncom27.dll
2016-04-19 13:20 - 2016-04-19 13:20 - 00320512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32com.shell.shell.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00776704 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_hashlib.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 01176576 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._core_.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00806400 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._gdi_.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00816128 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._windows_.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 01067008 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._controls_.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00733184 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._misc_.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00682496 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\pysqlite2._sqlite.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_ctypes.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00119808 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32file.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00108544 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32security.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00007168 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\hashobjs_ext.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00017920 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\thumbnails_ext.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00088064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\usb_ext.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00167936 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32gui.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00018432 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32event.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00046080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_socket.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 01208320 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_ssl.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00128512 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_elementtree.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00127488 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\pyexpat.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00013824 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\common.time34.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00038912 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32inet.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00036864 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_psutil_windows.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00525208 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\windows._lib_cacheinvalidation.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00011264 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32crypt.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00077312 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._html2.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00027136 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_multiprocessing.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00020480 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\_yappi.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00035840 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32process.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00686080 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\unicodedata.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00078848 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._animate.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00123392 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\wx._wizard.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00024064 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32pipe.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00010240 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\select.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00025600 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32pdh.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00017408 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32profile.pyd
2016-04-19 13:20 - 2016-04-19 13:20 - 00022528 _____ () C:\Users\Ozoma\AppData\Local\Temp\_MEI32482\win32ts.pyd
2016-04-12 02:21 - 2016-04-06 12:04 - 01675928 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 02:21 - 2016-04-06 12:04 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2016-02-11 04:24 - 2016-02-11 04:24 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b4aed9b5bac22d4e9008e99e935fe2de\IsdiInterop.ni.dll
2012-04-18 07:50 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-01 19:07 - 2016-02-09 03:33 - 48400672 _____ () D:\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-02-01 01:43 - 00001092 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 65.52.240.48
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 rad.msn.com
127.0.0.1 live.rads.msn.com
127.0.0.1 ads1.msn.com
127.0.0.1 g.msn.com
127.0.0.1 a.ads2.msads.net
127.0.0.1 b.ads2.msads.net
127.0.0.1 ac3.msn.com
127.0.0.1 apps.skype.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3620531602-815428446-3748077359-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ozoma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [TCP Query User{12BCAF86-026F-4D79-B4CB-F54A5C5FD069}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{35D79B31-52F7-4C66-8824-242DAB794F69}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9AC33360-E476-4DF1-B6FF-DC2E1E2A3023}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D6F4CBE9-9CA2-49AE-A601-7594FADF3428}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6FED2B24-5DF8-470C-9B46-1DD6B7CAAFA1}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [UDP Query User{88DC1B54-418C-4BA7-B994-9C1A073509F3}C:\users\ozoma\desktop\online zsnes\zsnesw.exe] => (Allow) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{91D7BFCD-E0F7-4C9A-A481-9F8D23329274}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{6FDE4EBE-F8E3-4569-93FC-3A65A7002EAD}] => (Block) C:\users\ozoma\desktop\online zsnes\zsnesw.exe
FirewallRules: [{D67F6548-ABF3-42AE-83E8-671F1F18B7A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{96273DE4-0AA6-400E-9193-C67E916231A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{46C88F85-4979-46C9-8E89-2A431DA17E50}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{72FF78B8-6FB4-4104-9154-E63DA3255CD1}] => (Allow) D:\Steam\SteamApps\common\vvvvvv\VVVVVV.exe
FirewallRules: [{D7D3ECB6-C2DA-4EAD-8149-E9926BA60CE4}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{5A4E662B-B6AF-4F3F-91A3-4C1A56EECD68}] => (Allow) D:\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{06B13E5A-09A2-4156-8030-7587F3AFFA31}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{E52E9ABE-879E-490E-B473-F8071B2EA36C}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A5945085-1658-436E-BB5C-1642F814F426}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{36849597-7C77-4BCF-ABB9-DBCDBA5DD80F}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{123B4B38-7616-4544-BD17-5FCE56B86229}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{9DE815F7-CB0A-4E76-948E-BC984D0456EC}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\Shadowgrounds.exe
FirewallRules: [{D8C2CFEA-DBAF-468C-8323-A3C620307C0A}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{CCF86D0F-F295-4D81-8A8C-24D5383DD843}] => (Allow) D:\Steam\SteamApps\common\Shadowgrounds\ShadowgroundsLauncher.exe
FirewallRules: [{ADF262A4-F152-4A7A-A1F3-BC67EF90FCFE}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EE276A8C-E103-4A7E-A598-7B5B498C1F3A}] => (Allow) D:\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{2B57D2AF-F51D-4E34-9C4E-2340D1FF29E7}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{B287D3DD-8894-4E38-A16E-C4B38089E966}] => (Allow) D:\Steam\SteamApps\common\Eryi's Action\eryi.exe
FirewallRules: [{0DCF3467-3968-4C5E-8365-C78585C7296E}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{ECD6E97C-1BF3-4105-90D9-BC56EC43EB98}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{70CCCD99-0C40-43E0-BB33-391D0DFA6260}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B91ED630-6026-4DB8-869B-E10FBA356BA5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{361F98C8-347C-444F-8CFD-F9756BC7F46A}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{AE4D9F5D-3F57-4934-ADA4-74889EE7DDC7}] => (Allow) D:\Steam\SteamApps\common\How to Survive\HowToSurvive.exe
FirewallRules: [{B167036C-DF2D-40A3-B595-FBAB072F35F3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{D945BF41-5788-401D-86E4-63E10B3B83C3}] => (Allow) D:\Steam\SteamApps\common\How to Survive\Detect.exe
FirewallRules: [{15C72BF8-BB7D-4F6F-B1CD-79995E7827A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CA960B7C-7352-492A-B9F5-F306B08A64ED}] => (Allow) D:\Dark Souls\DARKSOULS.exe
FirewallRules: [{7FE6573C-DD47-4D23-A757-5FF2FCCD4FE0}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{C25C4687-EADB-4E34-BFE7-0AB01D1FF95B}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{5D8278A6-EE9B-4C14-B15D-3BFBE46022EF}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{25CF85FD-17BA-44EF-8446-E7981CFC3207}] => (Allow) D:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{32425C71-EF17-4DD7-BC2E-B43D5CDA0059}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{9B871024-68B6-4695-992B-3F110050DBA2}] => (Allow) D:\Steam\SteamApps\common\Evoland\Evoland.exe
FirewallRules: [{FCC3B80C-4DD8-4137-A5F4-0D7617D2088F}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{BC4F37AB-03F0-4692-B760-0A76F4D3FAC2}] => (Allow) D:\Steam\SteamApps\common\The War Z\WarZlauncher.exe
FirewallRules: [{6FD6BD2E-0222-472F-9EF9-91224BFE1702}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{89028B63-0A48-428C-824A-1C00EAEC7177}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{459AA8BD-B418-4857-B8DE-4FB3EB3AF524}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{77532795-B254-4C80-82BA-0F0F46A1CEFD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FADAFDAE-22DE-4336-B0B3-9BB66593F64F}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{AAFF26F7-C12A-4526-944A-71A92FFC9A21}] => (Allow) D:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{3C697C97-05AC-485D-912C-70B25E76D3ED}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{51BC7BC6-9D5F-4F9F-ABF0-5CAD0ECF48B6}] => (Allow) D:\Steam\SteamApps\common\Dead Space\Dead Space.exe
FirewallRules: [{6B4E35C2-D801-40C3-8FFE-502F743BBFD1}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{A8FCE93C-6060-4798-BCE7-BE97CCFF4811}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\Game.exe
FirewallRules: [{B2D28569-F65F-40A6-8394-EDF6AEC80F82}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{78642F73-D7A5-42F7-BCB1-8E79D31243E8}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{B1EFE2D4-EACF-4AE2-9008-3EE77A42ED6F}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{CF356B63-1F07-4832-A569-C09796E9566D}] => (Allow) D:\Steam\SteamApps\common\Titan Quest\Titan Quest.exe
FirewallRules: [{AA3F5F98-A398-4E08-8A50-D7EC8DD49A71}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{C69F490D-96BF-4F3C-9188-B7B4A3EA7626}] => (Allow) D:\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe
FirewallRules: [{7EA11C7F-D7A2-4F87-9762-0BABBBA3C7A7}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{B3F9FD12-292E-4F80-A8E2-3821743810EA}] => (Allow) D:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{7288DB20-ABEE-44BD-AD93-3A8322D8162B}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{6DEB1122-6E51-43A7-939E-D5E3831037DA}] => (Allow) D:\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{DC6FB158-45CF-4E50-B06A-EC714C644166}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{88DEA666-AE6F-4E51-8940-11D7846B67FF}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{CB356A17-87B7-4154-8925-2199E0747334}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{36B263EF-1BCD-4A5E-8420-8561B836780F}] => (Allow) D:\Steam\SteamApps\common\portal 2\portal2.exe
FirewallRules: [{139E4B83-2071-41BC-A9F5-F574A57684D3}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{36E847EF-6931-4BE3-AE33-3621DCD1C47D}] => (Allow) D:\Steam\SteamApps\common\Ascend Hand of Kul\bin\launcher\Launcher.exe
FirewallRules: [{2F7A42E6-EAFA-47F9-BA05-7635BDE3C8AC}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{9B792092-A861-4804-8425-DFCBA647A269}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{0D117CE4-6B58-44A8-971C-1F1F9E62932B}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{E55A13E6-4996-4EB3-AD00-BD14577C9E21}] => (Allow) D:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{33F70723-3458-4C23-AC31-51F8008A400C}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{51CAAD20-5440-4035-BDC4-CDCAB09449BD}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FE21AF79-3F6D-4C84-9449-B6067E541B40}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D2956F1C-0919-4984-921C-1D2651A8272E}] => (Allow) C:\Users\Ozoma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FFDA709F-FF01-40AB-8A49-7F2689D33DF3}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{491A2393-0566-4F64-903D-06BB3B2AFE91}] => (Allow) D:\Steam\SteamApps\common\skyrim\SkyrimLauncher.exe
FirewallRules: [{35F0D035-1C1F-43A5-8A18-D407DFF43306}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7C18CDF3-B98C-40D5-8E86-783278537FC6}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4CDED3B7-E0DE-459B-9B38-67DFBA9D943E}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{A7BBB621-BF35-4E75-AA1C-78E5BDD944D3}] => (Allow) D:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{E79E8A91-623E-4E53-B7C3-020DCE1DE596}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{B993B00D-8C93-49D4-B20E-1AA0D4ACCB1A}] => (Allow) D:\Steam\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{DC0A7A2F-0F18-4079-95A7-900D9D47DC3C}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{8AEB1854-2BE6-475C-802C-01A4612F25F5}] => (Allow) D:\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe
FirewallRules: [{6D729FEC-4139-4541-8AAF-FA39D8D66E81}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{52908677-2F43-4D78-8902-611FBE5F45B2}] => (Allow) D:\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe
FirewallRules: [{7CA2E376-5769-48BA-81F1-B7D10E72D755}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{D81242EC-C1A1-4D0A-8485-6FB7F9E6D8D7}] => (Allow) D:\Steam\SteamApps\common\Spore\runme.exe
FirewallRules: [{B3B8A8CC-5EDE-4663-A687-23C5D693079D}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{88A39CC7-B2A9-4A7B-A2CC-F14644CF5809}] => (Allow) D:\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{DAE77B98-5F31-48A6-816B-F8F3473F255F}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{D167603E-C593-404A-9FA0-476731A5E8D0}] => (Allow) D:\Steam\SteamApps\common\GSTD - Rise of the Owlverlord\launcher\GSLauncher.exe
FirewallRules: [{9418CE79-B3CE-44D1-99EA-5AB693A10778}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{A8645C68-21A9-4028-AEC9-E0E7A69FC6A6}] => (Allow) D:\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{4BA08073-F055-4B84-864C-73D4D5A2DAC8}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{65956AE4-3B7B-4FFE-B49B-4EEBB7CB20A5}] => (Allow) D:\Steam\SteamApps\common\the binding of isaac\Isaac.exe
FirewallRules: [{CEF56466-0BEF-45AE-B2BF-7B5DFBE76B85}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{74643DA6-1395-4F24-BCF7-08BCEFDEAD34}] => (Allow) D:\Steam\SteamApps\common\Randal's Monday\Randals.exe
FirewallRules: [{12345CB9-3991-42C4-8695-EF0361765324}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{200DF5BA-9BC6-41DB-847B-F5D066F8E6E4}] => (Allow) C:\Users\Ozoma\AppData\Roaming\AnkhHeart\AnkhBotR2\AnkhBotR2.exe
FirewallRules: [{82849538-B76F-4078-97FF-84A7DBDE9FE5}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{FBEB70FB-EB9D-447C-99E4-5A858EE7DBAC}] => (Allow) C:\Program Files (x86)\LINE\LINE.exe
FirewallRules: [{260094C4-E25C-48DB-B600-969C13A3BF94}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{1E1D6D1B-2FF5-4736-A97F-01201A615A47}] => (Allow) D:\Steam\SteamApps\common\JumpJetRex\JumpJetRex.exe
FirewallRules: [{352D8576-CCE3-4CCB-AD3E-988CACCC708F}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{7F231965-A7AD-4DD0-BEFB-9941550872E2}] => (Allow) D:\Steam\SteamApps\common\Bardbarian\Bardbarian.exe
FirewallRules: [{EBDDB44E-D1B1-4DB7-81BA-154717E0EB1F}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{1D05E884-F937-476C-80D9-34D966EF5016}] => (Allow) D:\Steam\SteamApps\common\Angry Video Game Nerd Adventures\avgn.exe
FirewallRules: [{3E0B5641-3EFE-4895-A899-4473E23CC0F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3568560B-BA94-4639-B4AF-55ACA497AF15}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C4B15F25-8A41-49C5-A765-2E94E9AC2262}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2D53A10C-24BF-43B9-BC16-CD7E2E3B61E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1CCAD41F-3DB4-43AD-8688-542E6C187FFC}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{6C74F922-9979-4610-85F1-1DA912961A59}] => (Allow) D:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{D0C17A1C-D02D-4698-A2AC-37C1D6DA30FD}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{26C73AAF-915D-4E5D-826A-FAE0FED6EB0A}] => (Allow) D:\Steam\SteamApps\common\Suzy\Proteus.exe
FirewallRules: [{22993591-EFC0-4658-87BA-031496CE8A60}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{17C49006-F6BE-43FF-9E07-42E6AA7917E7}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{66B552DD-7DEA-4CF9-9C9C-B434CCE59CFD}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{A76E07E4-213B-4859-8CE8-FA95EEB37380}] => (Allow) D:\Steam\SteamApps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{9A80CE41-8882-4D91-87F0-A4BB59D11872}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

05-04-2016 21:16:58 Windows Update
12-04-2016 16:51:32 Windows Update
14-04-2016 03:00:30 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 01:23:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/19/2016 01:21:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 01:20:46 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-19T13:20:46.233+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (04/18/2016 08:22:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 08:21:47 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 08:21:46 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 08:20:00 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 08:19:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (04/18/2016 04:27:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 04:25:42 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2016-04-18T16:25:42.826+02:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0


Systemfehler:
=============
Error: (04/19/2016 01:24:13 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:24:13 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:24:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:24:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:24:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:24:01 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:23:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:23:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:23:43 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (04/19/2016 01:22:56 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.


CodeIntegrity:
===================================
  Date: 2014-10-24 17:52:39.703
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.664
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.625
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-10-24 17:52:39.585
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.434
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.395
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.356
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-25 15:36:12.317
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.681
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-23 22:38:10.634
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 89%
Installierter physikalischer RAM: 8154.34 MB
Verfügbarer physikalischer RAM: 821.36 MB
Summe virtueller Speicher: 16306.86 MB
Verfügbarer virtueller Speicher: 7140.18 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:160 GB) (Free:16.83 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Data) (Fixed) (Total:771.51 GB) (Free:151.26 GB) NTFS
Drive e: (HP7_DEATHLY_HALLOWS_PART_2) (CDROM) (Total:6.78 GB) (Free:0 GB) UDF
Drive f: (Volume) (Fixed) (Total:1397.14 GB) (Free:96.11 GB) NTFS
Drive g: (BFII) (CDROM) (Total:3.02 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F0EA4416)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Nein hatte in letzter Zeit keine Probleme aber die traten auch ziemlich zufällig auf.