|
Log-Analyse und Auswertung: Windows 8: Für mich unbekannter Trojaner von Avira gefundenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.05.2016, 16:04 | #1 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Hallo zusammen! Heute habe ich einen Virenscan mit Avira gestartet und es wurde folgender Trojaner gefunden: TR/Crypt.EPACK.Gen8 (Cloud) Ich weiß jetzt nicht was ich unternehmen muss, da ich erstens ziemlich "neu" im Thema Viren bin und als ich den Virus in der Quarantäne entfernt habe, war der Virus im Nachhinein wieder gefunden worden! Den Log von Avira habe ich Momentan nicht. Ich bedanke mich bei jedem der mir bei diesem Problem helfen kann! Des weiteren entschuldige ich mich für jegliche Fehler meinerseits! MFG Chronos Hier nun die FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 16:33:48) Gestartet von C:\Users\André\Downloads Geladene Profile: André & (Verfügbare Profile: André) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Activision Publishing Inc.) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\SystemPropertiesProtection.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard ) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify \SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016- 04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [scsi3-3] => C:\ProgramData\scsi3-36\scsi3-21.exe [818048 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11- 21] (Microsoft Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users \André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\André\AppData \Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [scsi3-3] => C:\ProgramData\scsi3- 36\scsi3-21.exe [818048 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André \AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4314a68d-f93b-11e3-bef5- b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8fad102a-54d2-11e2-be6d- 806e6f6e6963} - "E:\ZToolBar.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C: \WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10] ShortcutTarget: scsi2-6.lnk -> C:\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F %2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb- 21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D944BB61-2E34- 4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683- 47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework \Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin \IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework \Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT \npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow \Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions \mailcheck@web.de [2016-03-18] FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions \foxyproxy@eric.h.jung [2016-02-18] FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default- 1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25] FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default- 1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8- f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj \amazon-icon-2.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-15] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07 -18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.) S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-15] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-10] (Malwarebytes) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 16:33 - 2016-05-10 16:34 - 00026324 _____ C:\Users\André\Downloads\FRST.txt 2016-05-10 16:32 - 2016-05-10 16:33 - 00000000 ____D C:\FRST 2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe 2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx# 2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx# 2016-05-10 15:59 - 2016-05-10 15:59 - 00000000 ____D C:\Users\André\AppData\Roaming\scsi2-13 2016-05-10 15:56 - 2016-05-10 15:56 - 00000000 ____D C:\ProgramData\componet-66 2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe 2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe 2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-10 14:28 - 2016-05-10 14:28 - 00000000 ____D C:\Users\André\AppData\Roaming\faraday-1 2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-05-10 14:18 - 2016-05-10 14:18 - 00000000 ____D C:\ProgramData\scsi3-36 2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe 2016-05-10 14:16 - 2016-05-10 15:02 - 00000000 ____D C:\ProgramData\uum 2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx 2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509 2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509 2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url 2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k 2016-05-08 12:08 - 2016-05-10 15:34 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl 2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url 2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url 2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch 2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk 2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4 2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx 2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx 2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502 2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430 2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt 2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx 2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg 2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg 2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge 2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe 2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar 2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan 2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url 2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url 2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url 2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe 2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt 2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 16:24 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 16:12 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-10 16:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 15:35 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-10 15:34 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-10 15:34 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 15:06 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058- 3512354665-2473454594-1001 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919- E45EAAFEA251} 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-03 21:16 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-02 21:00 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 21:40 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-19 14:45 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-06 14:22 ==================== Ende von FRST.txt ============================ Geändert von Chronos5896 (10.05.2016 um 16:12 Uhr) Grund: Weitere Information |
10.05.2016, 16:52 | #2 |
/// TB-Ausbilder | Windows 8: Für mich unbekannter Trojaner von Avira gefundenMein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags: So funktioniert es: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! "TR/Crypt.EPACK.Gen8" ist nichtssagend... bitte die Logdatei von Avira nachreichen. Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1
Schritt 2 Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
10.05.2016, 17:20 | #3 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefundenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 17:57:12) Gestartet von C:\Users\André\Downloads Geladene Profile: André & (Verfügbare Profile: André) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Bethesda Softworks) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe (The Creative Assembly Ltd) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Farbar) C:\Users\André\Downloads\FRST64(1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard ) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10] ShortcutTarget: scsi2-6.lnk -> C:\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18] FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18] FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25] FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-15] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-15] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.) S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [137952 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [68936 2016-03-15] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 17:59 - 2016-05-10 17:59 - 00000230 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt 2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe 2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe 2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe 2016-05-10 16:50 - 2016-05-10 16:54 - 00083169 _____ C:\Users\André\Desktop\Addition.txt 2016-05-10 16:49 - 2016-05-10 16:49 - 00057004 _____ C:\Users\André\Desktop\FRST.txt 2016-05-10 16:38 - 2016-05-10 16:45 - 00083172 _____ C:\Users\André\Downloads\Addition.txt 2016-05-10 16:33 - 2016-05-10 17:59 - 00025993 _____ C:\Users\André\Downloads\FRST.txt 2016-05-10 16:32 - 2016-05-10 17:57 - 00000000 ____D C:\FRST 2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64.exe 2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx# 2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx# 2016-05-10 15:59 - 2016-05-10 15:59 - 00000000 ____D C:\Users\André\AppData\Roaming\scsi2-13 2016-05-10 15:56 - 2016-05-10 15:56 - 00000000 ____D C:\ProgramData\componet-66 2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe 2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe 2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-10 14:28 - 2016-05-10 14:28 - 00000000 ____D C:\Users\André\AppData\Roaming\faraday-1 2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe 2016-05-10 14:16 - 2016-05-10 15:02 - 00000000 ____D C:\ProgramData\uum 2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx 2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509 2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509 2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url 2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k 2016-05-08 12:08 - 2016-05-10 17:23 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl 2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url 2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url 2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch 2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk 2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4 2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx 2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx 2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502 2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430 2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt 2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx 2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg 2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg 2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge 2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe 2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar 2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan 2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url 2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url 2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url 2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe 2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt 2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 17:24 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-10 17:23 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-10 17:23 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-10 16:50 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-10 16:37 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives 2016-05-10 16:37 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 15:06 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251} 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 21:40 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-19 14:45 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-06 14:22 ==================== Ende von FRST.txt ============================ Geändert von Chronos5896 (10.05.2016 um 17:22 Uhr) Grund: Fehler Meinerseits |
10.05.2016, 17:21 | #4 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefundenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-10 18:01:14) Gestartet von C:\Users\André\Downloads Windows 8.1 (X64) (2015-01-31 20:32:58) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled) André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Cosmic DJ (HKLM\...\Steam App 297110) (Version: - Gl33k) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra) Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hotline Miami (HKLM\...\Steam App 219150) (Version: - Dennaton Games) Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - ) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™) Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis) Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios) Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.) TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.) Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version: - Ubisoft Montreal) Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - ) Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft) Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft) Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard) Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.) Task: {90E192D0-C384-4A23-B468-0E310141A87C} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC) Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated) Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-01-23 16:20 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: WeGameClientService => 2 HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "BF2Hub Client" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Xfire.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Steam.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900 FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869 FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{8447CB76-1E1A-4652-8F66-88A1224E76FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{82D905D9-6316-4F94-8EF1-DE72C857E929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{D11456BE-FE83-4E74-9375-143333BE80F0}] => (Allow) LPort=53000 FirewallRules: [{695517FD-A4F0-4CBB-A4C0-555AF58C193F}] => (Allow) LPort=52000 ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000649b ID des fehlerhaften Prozesses: 0x790 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 134 Startzeit: 01d1aac5e6629c16 Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c18 Startzeit: 01d1aac2ba88ef09 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x218c Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Management.ManagementException bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) bei System.Management.SinkForEventQuery.Cancel() bei System.Management.ManagementEventWatcher.Stop() bei HP.Seeker.ProcessMonitor.StopProcessWatchers() bei HP.Seeker.ProcessKeeperService.StopProcesMonitors() bei HP.Seeker.HPSeekerSwitchboard.StartUserService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Error: (05/05/2016 07:38:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\3992CCA085027EB4A929D9DCAAB94321\SourceList". Error: (05/04/2016 06:39:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1e8c Startzeit: 01d1a622d9d99477 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe Berichts-ID: ce032141-1216-11e6-bf71-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/01/2016 08:33:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Steam.exe, Version 3.37.92.83 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 3b04 Startzeit: 01d1a3d7e264020b Endzeit: 5 Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe Berichts-ID: 2d26d980-0fcb-11e6-bf6f-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/10/2016 05:26:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 05:26:41 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 05:22:37 PM) (Source: DCOM) (EventID: 10010) (User: André-PC) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (05/10/2016 05:22:33 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 03:37:37 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 03:37:20 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 03:31:17 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 03:25:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (05/10/2016 03:24:52 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 03:24:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 CodeIntegrity: =================================== Date: 2013-08-19 13:11:11.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 47% Installierter physikalischer RAM: 8147.35 MB Verfügbarer physikalischer RAM: 4298.78 MB Summe virtueller Speicher: 12499.35 MB Verfügbarer virtueller Speicher: 7635.67 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:93.94 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288) Partition: GPT. ==================== Ende von Addition.txt ============================ |
10.05.2016, 17:29 | #5 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Und als letztes! Code:
ATTFilter 18:22:23.0948 0x1958 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 18:22:23.0948 0x1958 UEFI system 18:22:46.0407 0x1958 ============================================================ 18:22:46.0407 0x1958 Current date / time: 2016/05/10 18:22:46.0407 18:22:46.0407 0x1958 SystemInfo: 18:22:46.0407 0x1958 18:22:46.0407 0x1958 OS Version: 6.3.9600 ServicePack: 0.0 18:22:46.0407 0x1958 Product type: Workstation 18:22:46.0407 0x1958 ComputerName: ANDRÉ-PC 18:22:46.0407 0x1958 UserName: André 18:22:46.0407 0x1958 Windows directory: C:\WINDOWS 18:22:46.0407 0x1958 System windows directory: C:\WINDOWS 18:22:46.0407 0x1958 Running under WOW64 18:22:46.0407 0x1958 Processor architecture: Intel x64 18:22:46.0407 0x1958 Number of processors: 8 18:22:46.0407 0x1958 Page size: 0x1000 18:22:46.0407 0x1958 Boot type: Normal boot 18:22:46.0407 0x1958 ============================================================ 18:22:49.0601 0x1958 KLMD registered as C:\WINDOWS\system32\drivers\17088877.sys 18:22:50.0435 0x1958 System UUID: {0A3C6F5D-85BC-54B7-180F-56313003A5C1} 18:22:50.0880 0x1958 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:22:50.0895 0x1958 ============================================================ 18:22:50.0895 0x1958 \Device\Harddisk0\DR0: 18:22:50.0896 0x1958 GPT partitions: 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {116A4521-4F0C-47A0-BAB7-03035BD7E94E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8FBE38ED-5EB6-4102-8512-FA11F86E44C3}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AF7B1549-4E36-459D-92EC-6749E38D1B4A}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {39BEA69E-C96C-4808-8D6C-17847E3EC2B7}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72D39000 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {ADD17A59-4D4F-4806-95FB-B3087D5473B3}, Name: , StartLBA 0x7302D000, BlocksNum 0xE1800 18:22:50.0896 0x1958 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {04759BE8-5639-41D4-BA22-3F49D34791E1}, Name: Basic data partition, StartLBA 0x7310E800, BlocksNum 0x15F8000 18:22:50.0896 0x1958 MBR partitions: 18:22:50.0896 0x1958 ============================================================ 18:22:50.0932 0x1958 C: <-> \Device\Harddisk0\DR0\Partition4 18:22:50.0969 0x1958 D: <-> \Device\Harddisk0\DR0\Partition6 18:22:50.0969 0x1958 ============================================================ 18:22:50.0969 0x1958 Initialize success 18:22:50.0969 0x1958 ============================================================ 18:23:15.0699 0x06c0 ============================================================ 18:23:15.0699 0x06c0 Scan started 18:23:15.0699 0x06c0 Mode: Manual; SigCheck; TDLFS; 18:23:15.0699 0x06c0 ============================================================ 18:23:15.0699 0x06c0 KSN ping started 18:23:18.0132 0x06c0 KSN ping finished: true 18:23:28.0669 0x06c0 ================ Scan system memory ======================== 18:23:28.0669 0x06c0 System memory - ok 18:23:28.0670 0x06c0 ================ Scan services ============================= 18:23:30.0670 0x06c0 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 18:23:31.0671 0x06c0 1394ohci - ok 18:23:31.0710 0x06c0 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 18:23:31.0718 0x06c0 3ware - ok 18:23:32.0005 0x06c0 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 18:23:32.0023 0x06c0 ACPI - ok 18:23:32.0036 0x06c0 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 18:23:32.0043 0x06c0 acpiex - ok 18:23:32.0049 0x06c0 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 18:23:32.0070 0x06c0 acpipagr - ok 18:23:32.0304 0x06c0 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 18:23:32.0419 0x06c0 AcpiPmi - ok 18:23:32.0457 0x06c0 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 18:23:32.0483 0x06c0 acpitime - ok 18:23:33.0329 0x06c0 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:23:33.0357 0x06c0 AdobeARMservice - ok 18:23:34.0093 0x06c0 [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:23:34.0100 0x06c0 AdobeFlashPlayerUpdateSvc - ok 18:23:34.0226 0x06c0 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 18:23:34.0299 0x06c0 ADP80XX - ok 18:23:34.0358 0x06c0 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 18:23:34.0377 0x06c0 AeLookupSvc - ok 18:23:34.0472 0x06c0 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys 18:23:34.0551 0x06c0 AFD - ok 18:23:34.0568 0x06c0 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 18:23:34.0575 0x06c0 agp440 - ok 18:23:34.0608 0x06c0 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 18:23:34.0655 0x06c0 ahcache - ok 18:23:34.0699 0x06c0 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe 18:23:34.0777 0x06c0 ALG - ok 18:23:34.0835 0x06c0 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 18:23:34.0909 0x06c0 AmdK8 - ok 18:23:34.0961 0x06c0 [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys 18:23:34.0972 0x06c0 amdkmafd - ok 18:23:35.0300 0x06c0 [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 18:23:35.0696 0x06c0 amdkmdag - detected UnsignedFile.Multi.Generic ( 1 ) 18:23:38.0171 0x06c0 Detect skipped due to KSN trusted 18:23:38.0173 0x06c0 amdkmdag - ok 18:23:38.0202 0x06c0 [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 18:23:38.0220 0x06c0 amdkmdap - detected UnsignedFile.Multi.Generic ( 1 ) 18:23:40.0539 0x06c0 Detect skipped due to KSN trusted 18:23:40.0539 0x06c0 amdkmdap - ok 18:23:40.0621 0x06c0 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 18:23:40.0660 0x06c0 AmdPPM - ok 18:23:40.0885 0x06c0 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 18:23:40.0892 0x06c0 amdsata - ok 18:23:41.0283 0x06c0 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 18:23:41.0294 0x06c0 amdsbs - ok 18:23:41.0316 0x06c0 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 18:23:41.0322 0x06c0 amdxata - ok 18:23:42.0562 0x06c0 [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 18:23:42.0580 0x06c0 AntiVirMailService - ok 18:23:42.0669 0x06c0 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:23:42.0710 0x06c0 AntiVirSchedulerService - ok 18:23:42.0760 0x06c0 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:23:42.0776 0x06c0 AntiVirService - ok 18:23:42.0900 0x06c0 [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 18:23:43.0395 0x06c0 AntiVirWebService - ok 18:23:43.0694 0x06c0 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll 18:23:43.0922 0x06c0 AppHostSvc - ok 18:23:44.0009 0x06c0 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys 18:23:44.0239 0x06c0 AppID - ok 18:23:44.0621 0x06c0 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 18:23:44.0663 0x06c0 AppIDSvc - ok 18:23:44.0773 0x06c0 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll 18:23:45.0397 0x06c0 Appinfo - ok 18:23:45.0820 0x06c0 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:23:45.0826 0x06c0 Apple Mobile Device Service - ok 18:23:45.0912 0x06c0 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 18:23:45.0971 0x06c0 AppReadiness - ok 18:23:46.0233 0x06c0 [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 18:23:46.0430 0x06c0 AppXSvc - ok 18:23:46.0465 0x06c0 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 18:23:46.0472 0x06c0 arcsas - ok 18:23:46.0715 0x06c0 [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:23:46.0738 0x06c0 aspnet_state - ok 18:23:46.0757 0x06c0 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 18:23:46.0798 0x06c0 AsyncMac - ok 18:23:46.0815 0x06c0 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 18:23:46.0821 0x06c0 atapi - ok 18:23:46.0929 0x06c0 [ 788914C42AD8318F1DD7A565EAFFB049, AFB0E070AB9713156F31A68A956152CBC8294AC1814A2BCA07558AC1127B345E ] athrusb C:\WINDOWS\system32\DRIVERS\athrxusb.sys 18:23:46.0984 0x06c0 athrusb - ok 18:23:47.0001 0x06c0 [ AF6DD5993D46AF2492C19E1FF6D9A04C, 720F27791FF5D486AD07A447A4BC44D137AA245B91CE1D624E40B1DA78B6CACF ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys 18:23:47.0018 0x06c0 AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 ) 18:23:49.0333 0x06c0 Detect skipped due to KSN trusted 18:23:49.0333 0x06c0 AtiHDAudioService - ok 18:23:49.0559 0x06c0 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 18:23:49.0748 0x06c0 AudioEndpointBuilder - ok 18:23:49.0870 0x06c0 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 18:23:49.0891 0x06c0 Audiosrv - ok 18:23:50.0589 0x06c0 [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 18:23:50.0595 0x06c0 avgntflt - ok 18:23:50.0641 0x06c0 [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 18:23:50.0653 0x06c0 avipbb - ok 18:23:51.0217 0x06c0 [ 8B86696A7030DDBD85B64621BD5B9C44, 9C22C8C5AC39A7138A669A6C4CA9753A6D2F21CFDFB8A1F1A34CB0AFC9DA9F0D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 18:23:51.0225 0x06c0 Avira.ServiceHost - ok 18:23:51.0250 0x06c0 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 18:23:51.0259 0x06c0 avkmgr - ok 18:23:51.0297 0x06c0 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 18:23:51.0307 0x06c0 avnetflt - ok 18:23:51.0360 0x06c0 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 18:23:51.0381 0x06c0 AxInstSV - ok 18:23:51.0523 0x06c0 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 18:23:51.0538 0x06c0 b06bdrv - ok 18:23:51.0558 0x06c0 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 18:23:51.0605 0x06c0 BasicDisplay - ok 18:23:51.0615 0x06c0 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 18:23:51.0703 0x06c0 BasicRender - ok 18:23:51.0728 0x06c0 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 18:23:51.0732 0x06c0 bcmfn2 - ok 18:23:51.0802 0x06c0 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 18:23:51.0853 0x06c0 BDESVC - ok 18:23:51.0900 0x06c0 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 18:23:51.0949 0x06c0 Beep - ok 18:23:52.0008 0x068c Object required for P2P: [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata 18:23:52.0169 0x06c0 [ CE4DEB0464915A50371D1FCDD22BE6D0, 8CFDC981605DE5ED22DC07E892108445BDAE84FCACFAF2EB5E4417E0757B623D ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 18:23:52.0198 0x06c0 BEService - ok 18:23:52.0263 0x06c0 [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\WINDOWS\System32\bfe.dll 18:23:52.0636 0x06c0 BFE - ok 18:23:53.0138 0x06c0 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 18:23:53.0297 0x06c0 BITS - ok 18:23:53.0988 0x06c0 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 18:23:53.0998 0x06c0 Bonjour Service - ok 18:23:54.0110 0x06c0 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 18:23:54.0131 0x06c0 bowser - ok 18:23:54.0237 0x06c0 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 18:23:54.0421 0x068c Object send P2P result: true 18:23:54.0421 0x068c Object required for P2P: [ 157DA3885AA4F03C80C10DAEB0949CAA ] AntiVirMailService 18:23:54.0921 0x06c0 BrokerInfrastructure - ok 18:23:55.0009 0x06c0 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 18:23:55.0216 0x06c0 Browser - ok 18:23:55.0284 0x06c0 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 18:23:55.0306 0x06c0 BthAvrcpTg - ok 18:23:55.0377 0x06c0 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 18:23:55.0666 0x06c0 BthHFEnum - ok 18:23:55.0716 0x06c0 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 18:23:55.0724 0x06c0 bthhfhid - ok 18:23:55.0855 0x06c0 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 18:23:55.0908 0x06c0 BthHFSrv - ok 18:23:55.0931 0x06c0 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 18:23:55.0993 0x06c0 BTHMODEM - ok 18:23:56.0009 0x06c0 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 18:23:56.0044 0x06c0 bthserv - ok 18:23:56.0059 0x06c0 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 18:23:56.0088 0x06c0 cdfs - ok 18:23:56.0104 0x06c0 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 18:23:56.0122 0x06c0 cdrom - ok 18:23:56.0140 0x06c0 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 18:23:56.0178 0x06c0 CertPropSvc - ok 18:23:56.0206 0x06c0 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 18:23:56.0213 0x06c0 circlass - ok 18:23:56.0249 0x06c0 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 18:23:56.0261 0x06c0 CLFS - ok 18:23:56.0303 0x06c0 [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 18:23:56.0309 0x06c0 CLVirtualDrive - ok 18:23:56.0349 0x06c0 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 18:23:56.0392 0x06c0 CmBatt - ok 18:23:56.0441 0x06c0 [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 18:23:56.0458 0x06c0 CNG - ok 18:23:56.0471 0x06c0 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 18:23:56.0478 0x06c0 CompositeBus - ok 18:23:56.0480 0x06c0 COMSysApp - ok 18:23:56.0487 0x06c0 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 18:23:56.0505 0x06c0 condrv - ok 18:23:56.0545 0x06c0 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 18:23:56.0566 0x06c0 CryptSvc - ok 18:23:56.0598 0x06c0 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 18:23:56.0605 0x06c0 dam - ok 18:23:56.0689 0x06c0 [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 18:23:56.0721 0x06c0 DcomLaunch - ok 18:23:56.0822 0x06c0 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 18:23:56.0825 0x068c Object send P2P result: true 18:23:56.0864 0x06c0 defragsvc - ok 18:23:56.0911 0x06c0 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 18:23:58.0036 0x06c0 DeviceAssociationService - ok 18:23:58.0097 0x06c0 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 18:23:58.0151 0x06c0 DeviceInstall - ok 18:23:58.0443 0x06c0 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 18:23:58.0505 0x06c0 Dfsc - ok 18:23:58.0728 0x06c0 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 18:23:58.0805 0x06c0 Dhcp - ok 18:23:59.0240 0x06c0 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 18:23:59.0545 0x06c0 DiagTrack - ok 18:23:59.0777 0x06c0 [ 6B589D7870F836BEFC183897CCAB2856, 2D00DD081DDC3AC1A936AB7E58A0CB3DDB3F02F609B308F464C2719581848262 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 18:23:59.0785 0x06c0 DigitalWave.Update.Service - ok 18:24:00.0129 0x06c0 [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\WINDOWS\system32\drivers\disk.sys 18:24:00.0137 0x06c0 disk - ok 18:24:00.0291 0x06c0 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 18:24:00.0313 0x06c0 dmvsc - ok 18:24:00.0358 0x06c0 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 18:24:00.0390 0x06c0 Dnscache - ok 18:24:00.0500 0x06c0 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 18:24:00.0571 0x06c0 dot3svc - ok 18:24:00.0642 0x06c0 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 18:24:00.0665 0x06c0 DPS - ok 18:24:00.0715 0x06c0 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 18:24:00.0720 0x06c0 drmkaud - ok 18:24:00.0759 0x06c0 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 18:24:00.0800 0x06c0 DsmSvc - ok 18:24:00.0970 0x06c0 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 18:24:01.0005 0x06c0 DXGKrnl - ok 18:24:01.0038 0x06c0 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 18:24:01.0184 0x06c0 Eaphost - ok 18:24:01.0186 0x06c0 EasyAntiCheat - ok 18:24:01.0504 0x06c0 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 18:24:01.0909 0x06c0 ebdrv - ok 18:24:02.0000 0x06c0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 18:24:02.0007 0x06c0 EFS - ok 18:24:02.0024 0x06c0 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 18:24:02.0031 0x06c0 EhStorClass - ok 18:24:02.0204 0x06c0 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 18:24:02.0211 0x06c0 EhStorTcgDrv - ok 18:24:02.0234 0x06c0 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 18:24:02.0256 0x06c0 ErrDev - ok 18:24:02.0811 0x06c0 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 18:24:03.0054 0x06c0 EventSystem - ok 18:24:03.0283 0x06c0 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 18:24:03.0388 0x06c0 exfat - ok 18:24:03.0458 0x06c0 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 18:24:03.0489 0x06c0 fastfat - ok 18:24:04.0124 0x06c0 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 18:24:04.0172 0x06c0 Fax - ok 18:24:04.0256 0x06c0 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 18:24:04.0350 0x06c0 fdc - ok 18:24:04.0437 0x06c0 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 18:24:04.0509 0x06c0 fdPHost - ok 18:24:04.0551 0x06c0 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 18:24:04.0573 0x06c0 FDResPub - ok 18:24:04.0653 0x06c0 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 18:24:04.0676 0x06c0 fhsvc - ok 18:24:04.0720 0x06c0 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 18:24:04.0727 0x06c0 FileInfo - ok 18:24:04.0767 0x06c0 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 18:24:04.0885 0x06c0 Filetrace - ok 18:24:04.0925 0x06c0 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 18:24:04.0951 0x06c0 flpydisk - ok 18:24:05.0016 0x06c0 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 18:24:05.0028 0x06c0 FltMgr - ok 18:24:05.0217 0x06c0 [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll 18:24:05.0272 0x06c0 FontCache - ok 18:24:05.0372 0x06c0 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:24:05.0377 0x06c0 FontCache3.0.0.0 - ok 18:24:05.0420 0x06c0 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 18:24:05.0426 0x06c0 FsDepends - ok 18:24:05.0445 0x06c0 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 18:24:05.0452 0x06c0 Fs_Rec - ok 18:24:05.0469 0x06c0 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 18:24:05.0485 0x06c0 fvevol - ok 18:24:05.0490 0x06c0 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 18:24:05.0515 0x06c0 FxPPM - ok 18:24:05.0551 0x06c0 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 18:24:05.0558 0x06c0 gagp30kx - ok 18:24:05.0598 0x06c0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 18:24:05.0602 0x06c0 GEARAspiWDM - ok 18:24:05.0644 0x06c0 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 18:24:05.0667 0x06c0 gencounter - ok 18:24:05.0795 0x06c0 [ E6057C066C7FECB49D4A27CFC4558C8E, F9E9498D4E924E6169CFDAE7E893B6F26014E9C24B833AE23BBBF9D568CB4057 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 18:24:05.0818 0x06c0 GfExperienceService - ok 18:24:05.0863 0x06c0 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 18:24:05.0871 0x06c0 GPIOClx0101 - ok 18:24:05.0948 0x06c0 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 18:24:06.0691 0x06c0 gpsvc - ok 18:24:06.0718 0x06c0 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 18:24:06.0736 0x06c0 HdAudAddService - ok 18:24:06.0751 0x06c0 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 18:24:07.0392 0x06c0 HDAudBus - ok 18:24:07.0434 0x06c0 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 18:24:08.0145 0x06c0 HidBatt - ok 18:24:08.0343 0x06c0 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 18:24:08.0409 0x06c0 HidBth - ok 18:24:08.0576 0x06c0 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 18:24:08.0591 0x06c0 hidi2c - ok 18:24:08.0628 0x06c0 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 18:24:08.0791 0x06c0 HidIr - ok 18:24:08.0833 0x06c0 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 18:24:08.0873 0x06c0 hidserv - ok 18:24:09.0369 0x06c0 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 18:24:09.0433 0x06c0 HidUsb - ok 18:24:09.0522 0x06c0 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 18:24:09.0563 0x06c0 hkmsvc - ok 18:24:09.0592 0x06c0 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 18:24:09.0612 0x06c0 HomeGroupListener - ok 18:24:10.0196 0x06c0 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 18:24:10.0249 0x06c0 HomeGroupProvider - ok 18:24:10.0381 0x06c0 [ E2550FBBBA31E2D4F9757E0A533689F0, 0AE6B0D89E74E57F87A6431D005BFF4213AC4C98A74A7C796894FC2A8D42E0DD ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe 18:24:10.0386 0x06c0 HPConnectedRemote - ok 18:24:10.0553 0x06c0 [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 18:24:10.0575 0x06c0 hpqwmiex - ok 18:24:10.0592 0x06c0 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 18:24:10.0599 0x06c0 HpSAMD - ok 18:24:10.0629 0x06c0 [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 18:24:10.0634 0x06c0 HPSupportSolutionsFrameworkService - ok 18:24:10.0767 0x06c0 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 18:24:10.0791 0x06c0 HTTP - ok 18:24:10.0829 0x06c0 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 18:24:10.0835 0x06c0 hwpolicy - ok 18:24:10.0888 0x06c0 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 18:24:10.0904 0x06c0 hyperkbd - ok 18:24:10.0948 0x06c0 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 18:24:10.0991 0x06c0 HyperVideo - ok 18:24:11.0075 0x06c0 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 18:24:11.0142 0x06c0 i8042prt - ok 18:24:11.0191 0x06c0 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 18:24:11.0196 0x06c0 iaLPSSi_GPIO - ok 18:24:11.0212 0x06c0 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 18:24:11.0218 0x06c0 iaLPSSi_I2C - ok 18:24:11.0335 0x06c0 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 18:24:11.0351 0x06c0 iaStorAV - ok 18:24:11.0370 0x06c0 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 18:24:11.0678 0x06c0 iaStorV - ok 18:24:12.0065 0x06c0 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 18:24:12.0069 0x06c0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 18:24:14.0382 0x06c0 Detect skipped due to KSN trusted 18:24:14.0382 0x06c0 IDriverT - ok 18:24:14.0384 0x06c0 IEEtwCollectorService - ok 18:24:14.0502 0x06c0 [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 18:24:14.0559 0x06c0 IKEEXT - ok 18:24:14.0620 0x06c0 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe 18:24:14.0633 0x06c0 Intel(R) Capability Licensing Service Interface - ok 18:24:14.0682 0x06c0 [ 30E9FAC23E2537D82F2836CB81AEE186, 03E5072D43ECED70EF004D2E6E654B4CCCE059825CC3C641C0534E4C0BC0C7E8 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 18:24:14.0687 0x06c0 Intel(R) ME Service - ok 18:24:14.0730 0x06c0 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 18:24:14.0736 0x06c0 intelide - ok 18:24:14.0781 0x06c0 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 18:24:14.0787 0x06c0 intelpep - ok 18:24:14.0794 0x06c0 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 18:24:14.0810 0x06c0 intelppm - ok 18:24:14.0826 0x06c0 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 18:24:14.0844 0x06c0 IpFilterDriver - ok 18:24:14.0892 0x06c0 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 18:24:14.0915 0x06c0 iphlpsvc - ok 18:24:14.0954 0x06c0 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 18:24:15.0001 0x06c0 IPMIDRV - ok 18:24:15.0006 0x06c0 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 18:24:15.0024 0x06c0 IPNAT - ok 18:24:15.0084 0x06c0 [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 18:24:15.0098 0x06c0 iPod Service - ok 18:24:15.0132 0x06c0 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 18:24:15.0546 0x06c0 IRENUM - ok 18:24:15.0592 0x06c0 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 18:24:15.0853 0x06c0 isapnp - ok 18:24:15.0919 0x06c0 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 18:24:16.0420 0x06c0 iScsiPrt - ok 18:24:16.0485 0x0ce4 Object required for P2P: [ 5CF5E80616F74B769AABCF76FEA791D1 ] avgntflt 18:24:16.0510 0x06c0 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 18:24:16.0515 0x06c0 jhi_service - ok 18:24:16.0524 0x06c0 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 18:24:16.0530 0x06c0 kbdclass - ok 18:24:16.0566 0x06c0 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 18:24:16.0675 0x06c0 kbdhid - ok 18:24:16.0841 0x06c0 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 18:24:16.0892 0x06c0 kdnic - ok 18:24:16.0900 0x06c0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe 18:24:16.0907 0x06c0 KeyIso - ok 18:24:17.0066 0x06c0 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 18:24:17.0073 0x06c0 KSecDD - ok 18:24:17.0112 0x06c0 [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 18:24:17.0120 0x06c0 KSecPkg - ok 18:24:17.0235 0x06c0 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 18:24:17.0252 0x06c0 ksthunk - ok 18:24:17.0358 0x06c0 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 18:24:17.0371 0x06c0 KtmRm - ok 18:24:17.0970 0x06c0 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 18:24:18.0019 0x06c0 LanmanServer - ok 18:24:18.0122 0x06c0 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 18:24:18.0156 0x06c0 LanmanWorkstation - ok 18:24:18.0234 0x06c0 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 18:24:18.0580 0x06c0 lfsvc - ok 18:24:18.0726 0x06c0 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 18:24:18.0760 0x06c0 lltdio - ok 18:24:18.0835 0x06c0 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 18:24:18.0847 0x06c0 lltdsvc - ok 18:24:18.0885 0x06c0 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 18:24:18.0894 0x0ce4 Object send P2P result: true 18:24:18.0894 0x0ce4 Object required for P2P: [ 8B86696A7030DDBD85B64621BD5B9C44 ] Avira.ServiceHost 18:24:18.0918 0x06c0 lmhosts - ok 18:24:18.0944 0x06c0 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:24:18.0950 0x06c0 LMS - ok 18:24:18.0966 0x06c0 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 18:24:18.0973 0x06c0 LSI_SAS - ok 18:24:18.0990 0x06c0 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 18:24:18.0997 0x06c0 LSI_SAS2 - ok 18:24:19.0058 0x06c0 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 18:24:19.0065 0x06c0 LSI_SAS3 - ok 18:24:19.0089 0x06c0 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 18:24:19.0096 0x06c0 LSI_SSS - ok 18:24:19.0186 0x06c0 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 18:24:19.0326 0x06c0 LSM - ok 18:24:19.0359 0x06c0 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 18:24:19.0402 0x06c0 luafv - ok 18:24:19.0435 0x06c0 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 18:24:19.0441 0x06c0 megasas - ok 18:24:19.0530 0x06c0 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 18:24:19.0563 0x06c0 megasr - ok 18:24:19.0614 0x06c0 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 18:24:19.0618 0x06c0 MEIx64 - ok 18:24:19.0750 0x06c0 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 18:24:19.0781 0x06c0 MMCSS - ok 18:24:19.0790 0x06c0 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 18:24:20.0120 0x06c0 Modem - ok 18:24:20.0316 0x06c0 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 18:24:20.0586 0x06c0 monitor - ok 18:24:20.0641 0x06c0 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 18:24:20.0647 0x06c0 mouclass - ok 18:24:20.0665 0x06c0 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 18:24:20.0856 0x06c0 mouhid - ok 18:24:20.0937 0x06c0 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 18:24:20.0944 0x06c0 mountmgr - ok 18:24:21.0301 0x0ce4 Object send P2P result: true 18:24:21.0640 0x06c0 [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:24:21.0647 0x06c0 MozillaMaintenance - ok 18:24:21.0735 0x06c0 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 18:24:21.0840 0x06c0 mpsdrv - ok 18:24:22.0460 0x06c0 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 18:24:22.0556 0x06c0 MpsSvc - ok 18:24:22.0654 0x06c0 [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 18:24:22.0726 0x06c0 MRxDAV - ok 18:24:22.0852 0x06c0 [ 5F2BB54E0223E46646789E90BB4CCD81, 44D5983512688D3C36D66C1D9EFFEED91A2CA5FDB3B106E313015082C72E344D ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 18:24:22.0993 0x06c0 mrxsmb - ok 18:24:23.0110 0x06c0 [ C83AF14432DF58324FBC2E80A5E42AB5, 63281C114CD9F4BDC80ED5DEE0578C0084DBE10D34DD2103F3BDEB2AF9AB757E ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 18:24:23.0176 0x06c0 mrxsmb10 - ok 18:24:23.0228 0x06c0 [ 9EFBEC37E87DB6C9E791075987AAB413, 9533F54C494FBD8868A2A973EA956C22E3C1AD9FA79C4F6A2C43F2CAB14DB9D4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 18:24:23.0283 0x06c0 mrxsmb20 - ok 18:24:23.0308 0x06c0 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 18:24:23.0343 0x06c0 MsBridge - ok 18:24:23.0406 0x06c0 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 18:24:23.0414 0x06c0 MSDTC - ok 18:24:23.0435 0x06c0 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 18:24:23.0459 0x06c0 Msfs - ok 18:24:23.0509 0x06c0 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 18:24:23.0515 0x06c0 msgpiowin32 - ok 18:24:23.0524 0x06c0 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 18:24:23.0561 0x06c0 mshidkmdf - ok 18:24:23.0580 0x06c0 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 18:24:23.0596 0x06c0 mshidumdf - ok 18:24:23.0608 0x06c0 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 18:24:23.0614 0x06c0 msisadrv - ok 18:24:23.0657 0x06c0 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 18:24:23.0682 0x06c0 MSiSCSI - ok 18:24:23.0684 0x06c0 msiserver - ok 18:24:23.0698 0x06c0 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 18:24:23.0706 0x06c0 MSKSSRV - ok 18:24:23.0720 0x06c0 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 18:24:23.0751 0x06c0 MsLldp - ok 18:24:23.0789 0x06c0 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 18:24:23.0796 0x06c0 MSPCLOCK - ok 18:24:23.0799 0x06c0 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 18:24:23.0850 0x06c0 MSPQM - ok 18:24:23.0872 0x06c0 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 18:24:23.0884 0x06c0 MsRPC - ok 18:24:23.0889 0x06c0 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 18:24:23.0895 0x06c0 mssmbios - ok 18:24:23.0945 0x06c0 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 18:24:23.0967 0x06c0 MSTEE - ok 18:24:23.0977 0x06c0 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 18:24:23.0997 0x06c0 MTConfig - ok 18:24:24.0012 0x06c0 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 18:24:24.0019 0x06c0 Mup - ok 18:24:24.0068 0x06c0 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 18:24:24.0075 0x06c0 mvumis - ok 18:24:24.0128 0x06c0 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 18:24:24.0154 0x06c0 napagent - ok 18:24:24.0205 0x06c0 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 18:24:24.0247 0x06c0 NativeWifiP - ok 18:24:24.0281 0x06c0 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 18:24:24.0314 0x06c0 NcaSvc - ok 18:24:24.0331 0x06c0 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 18:24:24.0365 0x06c0 NcbService - ok 18:24:24.0471 0x06c0 [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 18:24:24.0516 0x06c0 NcdAutoSetup - ok 18:24:24.0571 0x06c0 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 18:24:24.0599 0x06c0 NDIS - ok 18:24:24.0604 0x06c0 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 18:24:24.0623 0x06c0 NdisCap - ok 18:24:24.0636 0x06c0 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 18:24:24.0651 0x06c0 NdisImPlatform - ok 18:24:24.0656 0x06c0 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 18:24:24.0688 0x06c0 NdisTapi - ok 18:24:24.0731 0x06c0 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 18:24:24.0752 0x06c0 Ndisuio - ok 18:24:24.0766 0x06c0 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 18:24:24.0790 0x06c0 NdisVirtualBus - ok 18:24:24.0806 0x06c0 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:24:24.0829 0x06c0 NdisWan - ok 18:24:24.0842 0x06c0 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:24:24.0852 0x06c0 NdisWanLegacy - ok 18:24:24.0863 0x06c0 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 18:24:24.0871 0x06c0 NDProxy - ok 18:24:24.0885 0x06c0 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 18:24:24.0903 0x06c0 Ndu - ok 18:24:24.0935 0x06c0 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 18:24:24.0958 0x06c0 NetBIOS - ok 18:24:24.0977 0x06c0 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 18:24:25.0009 0x06c0 NetBT - ok 18:24:25.0026 0x06c0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 18:24:25.0032 0x06c0 Netlogon - ok 18:24:25.0084 0x06c0 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 18:24:25.0098 0x06c0 Netman - ok 18:24:25.0144 0x06c0 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 18:24:25.0449 0x06c0 netprofm - ok 18:24:25.0528 0x06c0 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:24:26.0185 0x06c0 NetTcpPortSharing - ok 18:24:26.0229 0x06c0 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 18:24:26.0886 0x06c0 netvsc - ok 18:24:27.0167 0x06c0 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 18:24:27.0205 0x06c0 NlaSvc - ok 18:24:27.0416 0x06c0 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 18:24:27.0464 0x06c0 Npfs - ok 18:24:27.0493 0x06c0 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 18:24:27.0695 0x06c0 npsvctrig - ok 18:24:27.0756 0x06c0 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 18:24:27.0958 0x06c0 nsi - ok 18:24:28.0023 0x06c0 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 18:24:28.0244 0x06c0 nsiproxy - ok 18:24:28.0487 0x06c0 [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 18:24:28.0582 0x06c0 Ntfs - ok 18:24:29.0023 0x06c0 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 18:24:29.0052 0x06c0 Null - ok 18:24:29.0130 0x06c0 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys 18:24:29.0137 0x06c0 NVHDA - ok 18:24:29.0840 0x06c0 [ 668E7BC286D8436FBCF08BF999FEF840, BD3DF96598F111B58CEDA9A35CD0504B6C197DD7BB5FBD318BC3273D954F643E ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys 18:24:30.0427 0x06c0 nvlddmkm - ok 18:24:31.0284 0x06c0 [ AF9BDCDDDDDDF7D99F821E1F96AA5C6A, 1FCF538F7B08BABD8AB8545C1868CA791F3641E69CB28D98209A17D03D836892 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 18:24:31.0366 0x06c0 NvNetworkService - ok 18:24:31.0724 0x06c0 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 18:24:31.0732 0x06c0 nvraid - ok 18:24:31.0823 0x06c0 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 18:24:31.0831 0x06c0 nvstor - ok 18:24:32.0594 0x06c0 [ CE7D19D5865937045DBF7FB87675BCCC, 6B05319F7501C5481763D950652187DE1AFEA84A68A496D3D7D8F0D2D47532D2 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 18:24:32.0599 0x06c0 NvStreamKms - ok 18:24:33.0206 0x06c0 [ C2E5FC52454CD0FB19426632A491C34D, 29462AE92824718C061C215BF4DC584D4BA7F0E18DD44E0F9162F93014E5B537 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 18:24:33.0283 0x06c0 NvStreamNetworkSvc - ok 18:24:33.0529 0x06c0 [ D1837C396165D1B5A0811A3B39071F97, 9AB66A86F8B94874162C6E4EF1843AA34F8979324B391289B2F494B7BDAED3E2 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 18:24:33.0578 0x06c0 NvStreamSvc - ok 18:24:33.0717 0x06c0 [ 3FA65FFED10B9191C6381A6D86D4C367, FB18958E169FD9CEAA204403A232E39C86E979798F664179DA823E8C4B4B8F50 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 18:24:33.0798 0x06c0 nvsvc - ok 18:24:33.0936 0x06c0 [ A994D884CC8042CC1929976B15FDD54B, BC3D9D982B609C444341E90070E84BD501281B63E65AA510897BEB2C3D360C62 ] NVVADARM C:\WINDOWS\system32\drivers\nvvadarm.sys 18:24:33.0941 0x06c0 NVVADARM - ok 18:24:33.0987 0x06c0 [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 18:24:33.0994 0x06c0 nvvad_WaveExtensible - ok 18:24:34.0014 0x06c0 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 18:24:34.0023 0x06c0 nv_agp - ok 18:24:34.0212 0x06c0 [ A309633A4BA2DE3FC30468C3103E0BA5, 530C707A4FCD36A45E9D370D20105356C8019DE41EF1C1F1A728A523D5FBEE25 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 18:24:34.0269 0x06c0 Origin Client Service - ok 18:24:34.0364 0x06c0 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 18:24:34.0416 0x06c0 p2pimsvc - ok 18:24:34.0463 0x06c0 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 18:24:34.0498 0x06c0 p2psvc - ok 18:24:34.0525 0x06c0 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 18:24:34.0532 0x06c0 Parport - ok 18:24:34.0539 0x06c0 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 18:24:34.0546 0x06c0 partmgr - ok 18:24:34.0561 0x06c0 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 18:24:34.0591 0x06c0 PcaSvc - ok 18:24:34.0633 0x06c0 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 18:24:34.0643 0x06c0 pci - ok 18:24:34.0678 0x06c0 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 18:24:34.0684 0x06c0 pciide - ok 18:24:34.0712 0x06c0 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 18:24:34.0719 0x06c0 pcmcia - ok 18:24:34.0760 0x06c0 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 18:24:35.0014 0x06c0 pcw - ok 18:24:35.0032 0x06c0 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 18:24:35.0039 0x06c0 pdc - ok 18:24:35.0154 0x06c0 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 18:24:36.0557 0x06c0 PEAUTH - ok 18:24:37.0116 0x06c0 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 18:24:37.0149 0x06c0 PerfHost - ok 18:24:37.0335 0x06c0 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 18:24:37.0436 0x06c0 pla - ok 18:24:37.0481 0x06c0 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 18:24:37.0490 0x06c0 PlugPlay - ok 18:24:37.0491 0x06c0 PnkBstrA - ok 18:24:37.0730 0x06c0 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 18:24:38.0016 0x06c0 PNRPAutoReg - ok 18:24:38.0128 0x06c0 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 18:24:38.0139 0x06c0 PNRPsvc - ok 18:24:38.0246 0x06c0 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 18:24:38.0275 0x06c0 PolicyAgent - ok 18:24:38.0297 0x06c0 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 18:24:38.0338 0x06c0 Power - ok 18:24:38.0632 0x06c0 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 18:24:38.0751 0x06c0 PptpMiniport - ok 18:24:39.0087 0x06c0 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 18:24:39.0190 0x06c0 PrintNotify - ok 18:24:39.0242 0x06c0 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 18:24:39.0273 0x06c0 Processor - ok 18:24:39.0329 0x06c0 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 18:24:39.0361 0x06c0 ProfSvc - ok 18:24:39.0430 0x06c0 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 18:24:39.0462 0x06c0 Psched - ok 18:24:39.0502 0x06c0 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 18:24:39.0578 0x06c0 QWAVE - ok 18:24:39.0629 0x06c0 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 18:24:39.0648 0x06c0 QWAVEdrv - ok 18:24:39.0671 0x06c0 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 18:24:39.0700 0x06c0 RasAcd - ok 18:24:39.0735 0x06c0 [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 18:24:39.0764 0x06c0 RasAgileVpn - ok 18:24:39.0801 0x06c0 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 18:24:39.0821 0x06c0 RasAuto - ok 18:24:39.0885 0x06c0 [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 18:24:39.0978 0x06c0 Rasl2tp - ok 18:24:40.0022 0x06c0 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 18:24:40.0336 0x06c0 RasMan - ok 18:24:40.0456 0x06c0 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 18:24:40.0513 0x06c0 RasPppoe - ok 18:24:40.0691 0x06c0 [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 18:24:40.0703 0x06c0 RasSstp - ok 18:24:40.0731 0x06c0 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 18:24:40.0900 0x06c0 rdbss - ok 18:24:41.0019 0x06c0 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 18:24:41.0170 0x06c0 rdpbus - ok 18:24:41.0315 0x06c0 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 18:24:41.0590 0x06c0 RDPDR - ok 18:24:41.0745 0x06c0 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 18:24:41.0750 0x06c0 RdpVideoMiniport - ok 18:24:41.0794 0x06c0 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 18:24:41.0803 0x06c0 rdyboost - ok 18:24:42.0281 0x06c0 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 18:24:42.0306 0x06c0 ReFS - ok 18:24:42.0537 0x06c0 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 18:24:42.0558 0x06c0 RemoteAccess - ok 18:24:42.0647 0x06c0 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 18:24:42.0697 0x06c0 RemoteRegistry - ok 18:24:42.0775 0x06c0 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 18:24:42.0986 0x06c0 RpcEptMapper - ok 18:24:43.0081 0x06c0 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 18:24:43.0113 0x06c0 RpcLocator - ok 18:24:43.0240 0x06c0 [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs C:\WINDOWS\system32\rpcss.dll 18:24:43.0258 0x06c0 RpcSs - ok 18:24:43.0311 0x06c0 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 18:24:43.0363 0x06c0 rspndr - ok 18:24:43.0422 0x06c0 [ 948D5E71CF9DB59961353A355EA45139, A23D012B07A92CC217C67C904CDFBA2BCCDCC2BD49B24FB694BD230D000F2B7B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 18:24:43.0439 0x06c0 RTL8168 - ok 18:24:43.0490 0x06c0 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 18:24:43.0512 0x06c0 s3cap - ok 18:24:43.0559 0x06c0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe 18:24:43.0566 0x06c0 SamSs - ok 18:24:43.0602 0x06c0 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 18:24:43.0609 0x06c0 sbp2port - ok 18:24:43.0653 0x06c0 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 18:24:43.0674 0x06c0 SCardSvr - ok 18:24:43.0702 0x06c0 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 18:24:43.0727 0x06c0 ScDeviceEnum - ok 18:24:43.0893 0x06c0 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 18:24:43.0910 0x06c0 scfilter - ok 18:24:43.0966 0x06c0 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll 18:24:44.0035 0x06c0 Schedule - ok 18:24:44.0075 0x06c0 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 18:24:44.0084 0x06c0 SCPolicySvc - ok 18:24:44.0130 0x06c0 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 18:24:44.0140 0x06c0 sdbus - ok 18:24:44.0197 0x06c0 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 18:24:44.0203 0x06c0 sdstor - ok 18:24:44.0217 0x06c0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 18:24:44.0280 0x06c0 secdrv - ok 18:24:44.0298 0x06c0 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\WINDOWS\system32\seclogon.dll 18:24:44.0349 0x06c0 seclogon - ok 18:24:44.0361 0x06c0 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll 18:24:44.0387 0x06c0 SENS - ok 18:24:44.0401 0x06c0 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 18:24:44.0434 0x06c0 SensrSvc - ok 18:24:44.0454 0x06c0 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 18:24:44.0460 0x06c0 SerCx - ok 18:24:44.0475 0x06c0 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 18:24:44.0483 0x06c0 SerCx2 - ok 18:24:44.0497 0x06c0 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 18:24:44.0506 0x06c0 Serenum - ok 18:24:44.0543 0x06c0 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 18:24:44.0902 0x06c0 Serial - ok 18:24:44.0926 0x06c0 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 18:24:46.0222 0x06c0 sermouse - ok 18:24:46.0292 0x06c0 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll 18:24:47.0429 0x06c0 SessionEnv - ok 18:24:47.0446 0x06c0 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 18:24:47.0619 0x06c0 sfloppy - ok 18:24:47.0695 0x06c0 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 18:24:47.0724 0x06c0 SharedAccess - ok 18:24:48.0106 0x06c0 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 18:24:48.0166 0x06c0 ShellHWDetection - ok 18:24:48.0248 0x06c0 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 18:24:48.0254 0x06c0 SiSRaid2 - ok 18:24:48.0427 0x06c0 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 18:24:48.0434 0x06c0 SiSRaid4 - ok 18:24:48.0712 0x06c0 [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 18:24:48.0722 0x06c0 SkypeUpdate - ok 18:24:48.0778 0x06c0 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll 18:24:48.0798 0x06c0 smphost - ok 18:24:48.0943 0x06c0 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 18:24:48.0965 0x06c0 SNMPTRAP - ok 18:24:49.0049 0x06c0 [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 18:24:49.0063 0x06c0 spaceport - ok 18:24:49.0117 0x06c0 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 18:24:49.0124 0x06c0 SpbCx - ok 18:24:49.0309 0x06c0 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe 18:24:49.0409 0x06c0 Spooler - ok 18:24:50.0047 0x06c0 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 18:24:50.0522 0x06c0 sppsvc - ok 18:24:50.0631 0x06c0 [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 18:24:50.0741 0x06c0 srv - ok 18:24:51.0032 0x06c0 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 18:24:51.0109 0x06c0 srv2 - ok 18:24:51.0181 0x06c0 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 18:24:51.0803 0x06c0 srvnet - ok 18:24:51.0915 0x06c0 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 18:24:52.0005 0x06c0 SSDPSRV - ok 18:24:52.0141 0x06c0 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 18:24:52.0310 0x06c0 SstpSvc - ok 18:24:52.0749 0x06c0 [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 18:24:52.0915 0x06c0 STacSV - detected UnsignedFile.Multi.Generic ( 1 ) 18:24:55.0230 0x06c0 Detect skipped due to KSN trusted 18:24:55.0230 0x06c0 STacSV - ok 18:24:55.0547 0x06c0 [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 18:24:55.0562 0x06c0 Steam Client Service - ok 18:24:56.0365 0x06c0 [ DBFF852134402B17BECC2356B126ECFE, B58B02E98B4B1AF245488EF4E839A763506A6EF5AD97442605B0AA38CA6A9987 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 18:24:56.0376 0x06c0 Stereo Service - ok 18:24:56.0440 0x06c0 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 18:24:56.0446 0x06c0 stexstor - ok 18:24:56.0558 0x06c0 [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys 18:24:56.0804 0x06c0 STHDA - ok 18:24:57.0056 0x06c0 [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 18:24:57.0088 0x06c0 StillCam - ok 18:24:57.0249 0x06c0 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 18:24:57.0292 0x06c0 stisvc - ok 18:24:57.0354 0x06c0 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 18:24:57.0361 0x06c0 storahci - ok 18:24:57.0406 0x06c0 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 18:24:57.0412 0x06c0 storflt - ok 18:24:57.0437 0x06c0 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 18:24:57.0444 0x06c0 stornvme - ok 18:24:57.0536 0x06c0 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 18:24:57.0581 0x06c0 StorSvc - ok 18:24:57.0619 0x06c0 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 18:24:57.0625 0x06c0 storvsc - ok 18:24:57.0679 0x06c0 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 18:24:57.0773 0x06c0 svsvc - ok 18:24:57.0783 0x06c0 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 18:24:57.0789 0x06c0 swenum - ok 18:24:57.0837 0x06c0 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 18:24:57.0890 0x06c0 swprv - ok 18:24:58.0049 0x06c0 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll 18:24:58.0150 0x06c0 SysMain - ok 18:24:58.0201 0x06c0 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 18:24:59.0219 0x06c0 SystemEventsBroker - ok 18:24:59.0636 0x06c0 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 18:24:59.0909 0x06c0 TabletInputService - ok 18:25:00.0017 0x06c0 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 18:25:00.0097 0x06c0 TapiSrv - ok 18:25:00.0871 0x06c0 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 18:25:01.0014 0x06c0 Tcpip - ok 18:25:01.0263 0x06c0 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 18:25:01.0308 0x06c0 TCPIP6 - ok 18:25:01.0354 0x06c0 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 18:25:01.0388 0x06c0 tcpipreg - ok 18:25:01.0432 0x06c0 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 18:25:01.0440 0x06c0 tdx - ok 18:25:01.0471 0x06c0 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 18:25:01.0477 0x06c0 terminpt - ok 18:25:01.0529 0x06c0 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 18:25:01.0578 0x06c0 TermService - ok 18:25:01.0595 0x06c0 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 18:25:01.0612 0x06c0 Themes - ok 18:25:01.0652 0x06c0 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll 18:25:01.0659 0x06c0 THREADORDER - ok 18:25:01.0688 0x06c0 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 18:25:01.0723 0x06c0 TimeBroker - ok 18:25:01.0741 0x06c0 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 18:25:01.0749 0x06c0 TPM - ok 18:25:01.0764 0x06c0 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 18:25:01.0773 0x06c0 TrkWks - ok 18:25:01.0850 0x06c0 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 18:25:01.0869 0x06c0 TrustedInstaller - ok 18:25:01.0878 0x06c0 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 18:25:01.0893 0x06c0 TsUsbFlt - ok 18:25:01.0896 0x06c0 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 18:25:01.0926 0x06c0 TsUsbGD - ok 18:25:01.0947 0x06c0 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 18:25:01.0980 0x06c0 tunnel - ok 18:25:02.0024 0x06c0 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 18:25:02.0031 0x06c0 uagp35 - ok 18:25:02.0040 0x06c0 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 18:25:02.0047 0x06c0 UASPStor - ok 18:25:02.0141 0x06c0 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 18:25:02.0443 0x06c0 UCX01000 - ok 18:25:02.0488 0x06c0 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 18:25:03.0500 0x06c0 udfs - ok 18:25:03.0553 0x06c0 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 18:25:03.0559 0x06c0 UEFI - ok 18:25:03.0606 0x06c0 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 18:25:03.0647 0x06c0 UI0Detect - ok 18:25:03.0661 0x06c0 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 18:25:03.0667 0x06c0 uliagpkx - ok 18:25:03.0993 0x06c0 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 18:25:04.0015 0x06c0 umbus - ok 18:25:04.0027 0x06c0 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 18:25:04.0033 0x06c0 UmPass - ok 18:25:04.0257 0x06c0 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 18:25:04.0295 0x06c0 UmRdpService - ok 18:25:04.0559 0x06c0 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 18:25:04.0567 0x06c0 UNS - ok 18:25:05.0141 0x06c0 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 18:25:05.0169 0x06c0 upnphost - ok 18:25:05.0272 0x06c0 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys 18:25:05.0302 0x06c0 USBAAPL64 - ok 18:25:05.0311 0x06c0 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 18:25:05.0319 0x06c0 usbccgp - ok 18:25:05.0405 0x06c0 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 18:25:05.0583 0x06c0 usbcir - ok 18:25:06.0011 0x06c0 [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 18:25:06.0018 0x06c0 usbehci - ok 18:25:06.0151 0x06c0 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 18:25:06.0166 0x06c0 usbhub - ok 18:25:06.0240 0x06c0 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 18:25:06.0255 0x06c0 USBHUB3 - ok 18:25:06.0351 0x06c0 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 18:25:06.0413 0x06c0 usbohci - ok 18:25:06.0434 0x06c0 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 18:25:06.0537 0x06c0 usbprint - ok 18:25:06.0619 0x06c0 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 18:25:06.0627 0x06c0 USBSTOR - ok 18:25:06.0689 0x06c0 [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\WINDOWS\System32\drivers\tinspusb.sys 18:25:06.0733 0x06c0 USBTINSP - ok 18:25:06.0770 0x06c0 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 18:25:06.0793 0x06c0 usbuhci - ok 18:25:06.0880 0x06c0 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 18:25:06.0955 0x06c0 usbvideo - ok 18:25:06.0992 0x06c0 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 18:25:07.0003 0x06c0 USBXHCI - ok 18:25:07.0019 0x06c0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 18:25:07.0026 0x06c0 VaultSvc - ok 18:25:07.0061 0x06c0 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 18:25:07.0067 0x06c0 vdrvroot - ok 18:25:07.0174 0x06c0 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 18:25:07.0517 0x06c0 vds - ok 18:25:07.0739 0x06c0 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 18:25:07.0747 0x06c0 VerifierExt - ok 18:25:08.0208 0x06c0 [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 18:25:08.0224 0x06c0 vhdmp - ok 18:25:08.0347 0x06c0 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 18:25:08.0353 0x06c0 viaide - ok 18:25:08.0981 0x06c0 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 18:25:08.0988 0x06c0 vmbus - ok 18:25:09.0044 0x06c0 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 18:25:09.0052 0x06c0 VMBusHID - ok 18:25:09.0147 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 18:25:09.0217 0x06c0 vmicguestinterface - ok 18:25:09.0647 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 18:25:09.0660 0x06c0 vmicheartbeat - ok 18:25:09.0883 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 18:25:09.0896 0x06c0 vmickvpexchange - ok 18:25:09.0968 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 18:25:09.0981 0x06c0 vmicrdv - ok 18:25:10.0048 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 18:25:10.0061 0x06c0 vmicshutdown - ok 18:25:10.0127 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 18:25:10.0141 0x06c0 vmictimesync - ok 18:25:10.0276 0x06c0 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 18:25:10.0289 0x06c0 vmicvss - ok 18:25:10.0319 0x06c0 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 18:25:10.0325 0x06c0 volmgr - ok 18:25:10.0401 0x06c0 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 18:25:10.0413 0x06c0 volmgrx - ok 18:25:10.0575 0x06c0 [ D537962695CAFEC1301F3EB7C8C3A1D2, 76FBEE866C4191E43B232B7ED34CB1FC1603C15F930EBBC5EFC6EA4B4500E1E8 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 18:25:10.0587 0x06c0 volsnap - ok 18:25:10.0643 0x06c0 [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 18:25:10.0649 0x06c0 vpci - ok 18:25:10.0680 0x06c0 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 18:25:10.0689 0x06c0 vsmraid - ok 18:25:10.0804 0x06c0 [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\WINDOWS\system32\vssvc.exe 18:25:10.0865 0x06c0 VSS - ok 18:25:10.0909 0x06c0 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 18:25:10.0920 0x06c0 VSTXRAID - ok 18:25:10.0956 0x06c0 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 18:25:11.0007 0x06c0 vwifibus - ok 18:25:11.0046 0x06c0 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 18:25:11.0079 0x06c0 W32Time - ok 18:25:11.0159 0x06c0 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 18:25:11.0185 0x06c0 w3logsvc - ok 18:25:11.0193 0x06c0 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 18:25:11.0205 0x06c0 WacomPen - ok 18:25:11.0222 0x06c0 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:25:11.0244 0x06c0 Wanarp - ok 18:25:11.0247 0x06c0 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:25:11.0254 0x06c0 Wanarpv6 - ok 18:25:11.0302 0x06c0 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 18:25:11.0330 0x06c0 WAS - ok 18:25:11.0375 0x06c0 [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine C:\WINDOWS\system32\wbengine.exe 18:25:11.0461 0x06c0 wbengine - ok 18:25:11.0507 0x06c0 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 18:25:11.0547 0x06c0 WbioSrvc - ok 18:25:11.0564 0x06c0 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 18:25:11.0577 0x06c0 Wcmsvc - ok 18:25:11.0590 0x06c0 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 18:25:11.0604 0x06c0 wcncsvc - ok 18:25:11.0610 0x06c0 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 18:25:11.0700 0x06c0 WcsPlugInService - ok 18:25:11.0736 0x06c0 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 18:25:11.0743 0x06c0 WdBoot - ok 18:25:11.0791 0x06c0 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 18:25:11.0809 0x06c0 Wdf01000 - ok 18:25:11.0836 0x06c0 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 18:25:11.0846 0x06c0 WdFilter - ok 18:25:11.0861 0x06c0 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 18:25:11.0870 0x06c0 WdiServiceHost - ok 18:25:11.0874 0x06c0 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 18:25:11.0882 0x06c0 WdiSystemHost - ok 18:25:11.0895 0x06c0 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 18:25:11.0902 0x06c0 WdNisDrv - ok 18:25:11.0938 0x06c0 WdNisSvc - ok 18:25:11.0980 0x06c0 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 18:25:12.0040 0x06c0 WebClient - ok 18:25:12.0055 0x06c0 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 18:25:12.0066 0x06c0 Wecsvc - ok 18:25:12.0086 0x06c0 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 18:25:12.0110 0x06c0 WEPHOSTSVC - ok 18:25:12.0129 0x06c0 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 18:25:12.0162 0x06c0 wercplsupport - ok 18:25:12.0179 0x06c0 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 18:25:12.0200 0x06c0 WerSvc - ok 18:25:12.0235 0x06c0 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 18:25:12.0242 0x06c0 WFPLWFS - ok 18:25:12.0246 0x06c0 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 18:25:12.0275 0x06c0 WiaRpc - ok 18:25:12.0311 0x06c0 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 18:25:12.0317 0x06c0 WIMMount - ok 18:25:12.0318 0x06c0 WinDefend - ok 18:25:12.0392 0x06c0 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 18:25:12.0428 0x06c0 WinHttpAutoProxySvc - ok 18:25:12.0485 0x06c0 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 18:25:12.0519 0x06c0 Winmgmt - ok 18:25:12.0599 0x06c0 [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\WINDOWS\system32\WsmSvc.dll 18:25:12.0713 0x06c0 WinRM - ok 18:25:12.0773 0x06c0 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUSB.SYS 18:25:12.0816 0x06c0 WinUsb - ok 18:25:12.0850 0x06c0 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 18:25:12.0888 0x06c0 WlanSvc - ok 18:25:12.0935 0x06c0 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 18:25:12.0972 0x06c0 wlidsvc - ok 18:25:13.0014 0x06c0 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 18:25:13.0021 0x06c0 WmiAcpi - ok 18:25:13.0045 0x06c0 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 18:25:13.0054 0x06c0 wmiApSrv - ok 18:25:13.0091 0x06c0 WMPNetworkSvc - ok 18:25:13.0100 0x06c0 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 18:25:13.0109 0x06c0 Wof - ok 18:25:13.0173 0x06c0 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 18:25:13.0224 0x06c0 workfolderssvc - ok 18:25:13.0266 0x06c0 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 18:25:13.0273 0x06c0 wpcfltr - ok 18:25:13.0291 0x06c0 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 18:25:13.0306 0x06c0 WPCSvc - ok 18:25:13.0321 0x06c0 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 18:25:13.0338 0x06c0 WPDBusEnum - ok 18:25:13.0346 0x06c0 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 18:25:13.0352 0x06c0 WpdUpFltr - ok 18:25:13.0388 0x06c0 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 18:25:13.0396 0x06c0 ws2ifsl - ok 18:25:13.0421 0x06c0 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll 18:25:13.0435 0x06c0 wscsvc - ok 18:25:13.0454 0x06c0 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 18:25:13.0461 0x06c0 WSDPrintDevice - ok 18:25:13.0463 0x06c0 WSearch - ok 18:25:13.0546 0x06c0 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 18:25:13.0630 0x06c0 WSService - ok 18:25:13.0725 0x06c0 [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\WINDOWS\system32\wuaueng.dll 18:25:13.0848 0x06c0 wuauserv - ok 18:25:13.0890 0x06c0 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 18:25:13.0904 0x06c0 WudfPf - ok 18:25:13.0919 0x06c0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 18:25:13.0928 0x06c0 WUDFRd - ok 18:25:13.0934 0x06c0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 18:25:13.0942 0x06c0 WUDFSensorLP - ok 18:25:13.0982 0x06c0 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 18:25:13.0990 0x06c0 wudfsvc - ok 18:25:13.0995 0x06c0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 18:25:14.0004 0x06c0 WUDFWpdFs - ok 18:25:14.0009 0x06c0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 18:25:14.0017 0x06c0 WUDFWpdMtp - ok 18:25:14.0064 0x06c0 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 18:25:14.0079 0x06c0 WwanSvc - ok 18:25:14.0094 0x06c0 [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys 18:25:14.0112 0x06c0 xusb22 - ok 18:25:14.0131 0x06c0 [ 18B6869E23937175144E6F1D3CB85FC2, CB04A3948951F2D7943DCDDD5A7894B50B1C1DC0F0629ECCA652F66E20D2015B ] ZDCNDIS6a64 C:\windows\system32\ZDCNDIS6a64.sys 18:25:14.0137 0x06c0 ZDCNDIS6a64 - ok 18:25:14.0140 0x06c0 ================ Scan global =============================== 18:25:14.0270 0x06c0 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll 18:25:14.0315 0x06c0 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 18:25:14.0355 0x06c0 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 18:25:14.0397 0x06c0 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 18:25:14.0402 0x06c0 [ Global ] - ok 18:25:14.0402 0x06c0 ================ Scan MBR ================================== 18:25:14.0410 0x06c0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 18:25:14.0493 0x06c0 \Device\Harddisk0\DR0 - ok 18:25:14.0493 0x06c0 ================ Scan VBR ================================== 18:25:14.0514 0x06c0 [ 81D10884DEA288B14839DF64225FE362 ] \Device\Harddisk0\DR0\Partition1 18:25:14.0570 0x06c0 \Device\Harddisk0\DR0\Partition1 - ok 18:25:14.0577 0x06c0 [ AE8E92C89E0B9F6B2309E85E1D6FBB80 ] \Device\Harddisk0\DR0\Partition2 18:25:14.0626 0x06c0 \Device\Harddisk0\DR0\Partition2 - ok 18:25:14.0632 0x06c0 [ F88D23DA637CE73862A3400B604B061B ] \Device\Harddisk0\DR0\Partition3 18:25:14.0633 0x06c0 \Device\Harddisk0\DR0\Partition3 - ok 18:25:14.0642 0x06c0 [ 1C0568145FD40C174A795AB95610A56F ] \Device\Harddisk0\DR0\Partition4 18:25:14.0734 0x06c0 \Device\Harddisk0\DR0\Partition4 - ok 18:25:14.0763 0x06c0 [ 569F17A39108C5852D740DEA65668D9C ] \Device\Harddisk0\DR0\Partition5 18:25:14.0764 0x06c0 \Device\Harddisk0\DR0\Partition5 - ok 18:25:14.0772 0x06c0 [ 0370475E55D6022E2AE80397CED8335B ] \Device\Harddisk0\DR0\Partition6 18:25:14.0773 0x06c0 \Device\Harddisk0\DR0\Partition6 - ok 18:25:14.0774 0x06c0 ================ Scan generic autorun ====================== 18:25:14.0800 0x06c0 [ 96A1D93D16F959C6F5A63E749A9F2EF7, 9EDD4EEC5C625ECF4A1C82318ED6B74404E63A3D43312B53E4F627D76D47658C ] C:\Program Files\IDT\WDM\beats64.exe 18:25:14.0805 0x06c0 BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 ) 18:25:16.0352 0x1b50 Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp 18:25:17.0122 0x06c0 Detect skipped due to KSN trusted 18:25:17.0122 0x06c0 BeatsOSDApp - ok 18:25:17.0179 0x06c0 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe 18:25:17.0194 0x06c0 XboxStat - ok 18:25:17.0270 0x06c0 [ 4A57AB2D5E3624D63E7F8854C79F3D8C, 2637E8933193F10BC8CD893EE0CCF7ABF7A7B32A2278EFE95D958FDAD3794696 ] C:\Program Files\IDT\WDM\sttray64.exe 18:25:17.0304 0x06c0 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 ) 18:25:18.0759 0x1b50 Object send P2P result: true 18:25:18.0763 0x1b50 Object required for P2P: [ 3FA65FFED10B9191C6381A6D86D4C367 ] nvsvc 18:25:19.0617 0x06c0 Detect skipped due to KSN trusted 18:25:19.0617 0x06c0 SysTrayApp - ok 18:25:19.0737 0x06c0 [ EEE565252F4585B2DD840C8CE871C6C0, AF1FBA9CBBA218F1C511282242A647AC3462D1D83FA9209F1FEBFBD39E68FC2F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 18:25:19.0786 0x06c0 NvBackend - ok 18:25:19.0810 0x06c0 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe 18:25:19.0857 0x06c0 ShadowPlay - ok 18:25:19.0886 0x06c0 [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe 18:25:19.0893 0x06c0 iTunesHelper - ok 18:25:20.0027 0x06c0 [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 18:25:20.0033 0x06c0 CLMLServer_For_P2G8 - ok 18:25:20.0051 0x06c0 [ B35B97FC934A9A7D02232094128CD636, 08F9E36F7DB86325986712210DF1B235DAC4F76FB599D2756E863A9FAFEBD57B ] c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 18:25:20.0062 0x06c0 CLVirtualDrive - ok 18:25:20.0114 0x06c0 [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 18:25:20.0130 0x06c0 avgnt - ok 18:25:20.0208 0x06c0 [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe 18:25:20.0213 0x06c0 HP Software Update - ok 18:25:20.0344 0x06c0 [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe 18:25:20.0413 0x06c0 Steam - ok 18:25:20.0525 0x06c0 [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe 18:25:20.0573 0x06c0 HP Deskjet 3050A J611 series (NET) - ok 18:25:20.0916 0x06c0 [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe 18:25:20.0977 0x06c0 Spotify Web Helper - ok 18:25:21.0121 0x06c0 [ 96C06D6C65559D1B7D6C5A62288725EE, 61CCCA9248742414AAE8973DF121CE2E7EC1385D219E3F3D306EAA3A2989C28C ] C:\Users\André\AppData\Roaming\Spotify\Spotify.exe 18:25:21.0173 0x1b50 Object send P2P result: true 18:25:21.0181 0x1b50 Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt 18:25:21.0290 0x06c0 Spotify - ok 18:25:21.0319 0x06c0 Skype - ok 18:25:21.0482 0x06c0 [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe 18:25:21.0653 0x06c0 CCleaner Monitoring - ok 18:25:21.0719 0x06c0 [ BF8A25CE852A1F083367A8D014B36B6F, F8B40EF17912CB333384BB3E5546A62B3849F752929A893CB07B21C66AFE96F4 ] C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe 18:25:21.0745 0x06c0 faraday-84 - detected UnsignedFile.Multi.Generic ( 1 ) 18:25:23.0581 0x1b50 Object send P2P result: true 18:25:24.0187 0x06c0 faraday-84 ( UnsignedFile.Multi.Generic ) - warning 18:25:26.0009 0x06fc Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe 18:25:26.0531 0x06c0 Waiting for KSN requests completion. In queue: 5 18:25:27.0533 0x06c0 Waiting for KSN requests completion. In queue: 5 18:25:28.0417 0x06fc Object send P2P result: true 18:25:28.0417 0x06fc Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe 18:25:28.0534 0x06c0 Waiting for KSN requests completion. In queue: 3 18:25:29.0534 0x06c0 Waiting for KSN requests completion. In queue: 3 18:25:30.0535 0x06c0 Waiting for KSN requests completion. In queue: 3 18:25:30.0840 0x06fc Object send P2P result: true 18:25:30.0840 0x06fc Object required for P2P: [ 96C06D6C65559D1B7D6C5A62288725EE ] C:\Users\André\AppData\Roaming\Spotify\Spotify.exe 18:25:31.0535 0x06c0 Waiting for KSN requests completion. In queue: 2 18:25:32.0535 0x06c0 Waiting for KSN requests completion. In queue: 2 18:25:33.0265 0x06fc Object send P2P result: true 18:25:33.0549 0x06c0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated ) 18:25:33.0549 0x06c0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 18:25:33.0557 0x06c0 Win FW state via NFP2: enabled ( trusted ) 18:25:35.0903 0x06c0 ============================================================ 18:25:35.0903 0x06c0 Scan finished 18:25:35.0903 0x06c0 ============================================================ 18:25:35.0907 0x03d4 Detected object count: 1 18:25:35.0907 0x03d4 Actual detected object count: 1 18:26:50.0825 0x03d4 faraday-84 ( UnsignedFile.Multi.Generic ) - skipped by user 18:26:50.0825 0x03d4 faraday-84 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
10.05.2016, 19:10 | #6 |
/// TB-Ausbilder | Windows 8: Für mich unbekannter Trojaner von Avira gefunden Servus, du bist mit einem Trojaner infiziert, der Online-Banking ausspioniert. Keine Online-Geschäfte mehr bitte! Servus, Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start CloseProcesses: HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1 C:\Users\André\AppData\Roaming\faraday-1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () C:\ProgramData\componet-66 C:\Users\André\AppData\Roaming\scsi2-13 C:\ProgramData\uum RemoveProxy: EmptyTemp: end Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
10.05.2016, 19:44 | #7 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Hey, danke für deine Hilfe! Hier sind nun die Log Dateien! Ich habe jedoch noch eine Frage undzwar hast du geschrieben "Keine Online-Geschäfte mehr bitte!", das gilt jetzt aber nur während der Trojaner noch da ist? Danach ist alles wieder picobello oder? Ich bin leider sehr vorsichtig, wenn ich gewarnt werde! Fixlog Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-10 20:28:44) Run:1 Gestartet von C:\Users\André\Desktop Geladene Profile: André (Verfügbare Profile: André) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Policies\Explorer: [DisallowRun] 1 C:\Users\André\AppData\Roaming\faraday-1 HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [faraday-84] => C:\Users\André\AppData\Roaming\faraday-1\faraday-73.exe [777216 2016-05-10] () C:\ProgramData\componet-66 C:\Users\André\AppData\Roaming\scsi2-13 C:\ProgramData\uum RemoveProxy: EmptyTemp: end ***************** Prozess erfolgreich geschlossen. HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\faraday-84 => Wert nicht gefunden. HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisallowRun => Wert erfolgreich entfernt "C:\Users\André\AppData\Roaming\faraday-1" => nicht gefunden. HKU\S-1-5-21-447048058-3512354665-2473454594-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\RunOnce\\faraday-84 => Wert nicht gefunden. C:\ProgramData\componet-66 => erfolgreich verschoben C:\Users\André\AppData\Roaming\scsi2-13 => erfolgreich verschoben C:\ProgramData\uum => erfolgreich verschoben ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= EmptyTemp: => 1 GB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 20:29:08 ==== Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von André (Administrator) auf ANDRÉ-PC (10-05-2016 20:33:06) Gestartet von C:\Users\André\Desktop Geladene Profile: André (Verfügbare Profile: André) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Users\André\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard ) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10] ShortcutTarget: scsi2-6.lnk -> C:\FRST\Quarantine\C\Users\André\AppData\Roaming\scsi2-13\scsi2-7.exe (SkinSharp Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18] FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18] FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25] FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.) S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 20:30 - 2016-05-10 20:31 - 00000000 ____D C:\ProgramData\uum 2016-05-10 20:28 - 2016-05-10 20:29 - 00002586 _____ C:\Users\André\Desktop\Fixlog.txt 2016-05-10 18:38 - 2016-05-10 20:29 - 00000000 ____D C:\ProgramData\algae-0 2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt 2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt 2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe 2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe 2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe 2016-05-10 16:50 - 2016-05-10 16:54 - 00083169 _____ C:\Users\André\Desktop\Addition.txt 2016-05-10 16:49 - 2016-05-10 20:34 - 00022099 _____ C:\Users\André\Desktop\FRST.txt 2016-05-10 16:38 - 2016-05-10 18:04 - 00082755 _____ C:\Users\André\Downloads\Addition.txt 2016-05-10 16:33 - 2016-05-10 18:04 - 00057627 _____ C:\Users\André\Downloads\FRST.txt 2016-05-10 16:32 - 2016-05-10 20:33 - 00000000 ____D C:\FRST 2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe 2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx# 2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx# 2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe 2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe 2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe 2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx 2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509 2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509 2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url 2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k 2016-05-08 12:08 - 2016-05-10 20:30 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl 2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url 2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url 2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch 2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk 2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4 2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx 2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx 2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502 2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430 2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt 2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx 2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg 2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg 2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge 2016-04-24 20:54 - 2016-04-24 20:54 - 01475080 _____ C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe 2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-04-22 22:15 - 2016-04-22 22:15 - 74885612 _____ C:\Users\André\Downloads\3DM-MGS5-v1.005-Crack_only.rar 2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan 2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url 2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url 2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url 2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe 2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt 2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-10 20:32 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-10 20:30 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-10 20:30 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-10 20:30 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-10 20:30 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp 2016-05-10 20:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-10 19:42 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001 2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 16:37 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-10 14:15 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251} 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 14:13 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:25 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-06 14:22 ==================== Ende von FRST.txt ============================ |
10.05.2016, 19:45 | #8 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-10 20:34:25) Gestartet von C:\Users\André\Desktop Windows 8.1 (X64) (2015-01-31 20:32:58) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled) André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Cosmic DJ (HKLM\...\Steam App 297110) (Version: - Gl33k) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra) Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hotline Miami (HKLM\...\Steam App 219150) (Version: - Dennaton Games) Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - ) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™) Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis) Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios) Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.) TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.) Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version: - Ubisoft Montreal) Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - ) Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft) Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft) Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {2C070C45-DDCC-4C2E-AABF-5FE429D98BD1} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC) Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard) Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.) Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated) Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: WeGameClientService => 2 HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "BF2Hub Client" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900 FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869 FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{8447CB76-1E1A-4652-8F66-88A1224E76FD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{82D905D9-6316-4F94-8EF1-DE72C857E929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{ADE8712D-097D-4CAB-B06D-30469C9D1E44}] => (Allow) LPort=53000 FirewallRules: [{129C15C6-B9F1-4A79-A073-88AA5E349D67}] => (Allow) LPort=52000 ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000638b ID des fehlerhaften Prozesses: 0x78c Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x17a4 Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0 Pfad der fehlerhaften Anwendung: avcenter.exe1 Pfad des fehlerhaften Moduls: avcenter.exe2 Berichtskennung: avcenter.exe3 Vollständiger Name des fehlerhaften Pakets: avcenter.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5 Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000649b ID des fehlerhaften Prozesses: 0x790 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 134 Startzeit: 01d1aac5e6629c16 Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c18 Startzeit: 01d1aac2ba88ef09 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x218c Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Management.ManagementException bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) bei System.Management.SinkForEventQuery.Cancel() bei System.Management.ManagementEventWatcher.Stop() bei HP.Seeker.ProcessMonitor.StopProcessWatchers() bei HP.Seeker.ProcessKeeperService.StopProcesMonitors() bei HP.Seeker.HPSeekerSwitchboard.StartUserService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Error: (05/05/2016 07:38:29 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\3992CCA085027EB4A929D9DCAAB94321\SourceList". Systemfehler: ============= Error: (05/10/2016 08:32:55 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 08:32:54 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 08:29:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (05/10/2016 08:28:51 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 08:28:51 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "HP Connected Remote Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/10/2016 08:28:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2013-08-19 13:11:11.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 8147.35 MB Verfügbarer physikalischer RAM: 5101.02 MB Summe virtueller Speicher: 12499.35 MB Verfügbarer virtueller Speicher: 8801.29 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:95.47 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288) Partition: GPT. ==================== Ende von Addition.txt ============================ |
11.05.2016, 16:10 | #9 |
/// TB-Ausbilder | Windows 8: Für mich unbekannter Trojaner von Avira gefunden Servus, ja, das gilt nur während der Bereinigung. Du hast AdwCleaner ausgeführt? Logdatei bitte dazu posten. Wieso erwähnst du das nicht? Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start CloseProcesses: HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10] C\Users\André\AppData\Roaming\scsi2-13 C:\ProgramData\algae-0 C:\ProgramData\uum C:\Users\André\Downloads\* CHIP-Installer.exe C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat EmptyTemp: end Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
11.05.2016, 16:33 | #10 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Hey! Hier sind die Logs! Und natürlich kann ich dir die ADWCleaner Logs poste, nur weiß ich nicht wo diese sind bzw. abgespeichert werden! Des weiteren habe ich TDSSKiller nochmal laufen gelassen und er hat 2 weitere "Auffäligkeiten" gefunden. Der TDSSKiller Log ist jedoch zu groß. Soll ich diesen dann als Anhang senden oder ist das nicht nötig? FRST-Fix Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-11 17:15:19) Run:2 Gestartet von C:\Users\André\Desktop Geladene Profile: André (Verfügbare Profile: André) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {4314a68d-f93b-11e3-bef5-b4b52fc7b10a} - "G:\setup.exe" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\MountPoints2: {8fad102a-54d2-11e2-be6d-806e6f6e6963} - "E:\ZToolBar.exe" Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk [2016-05-10] C\Users\André\AppData\Roaming\scsi2-13 C:\ProgramData\algae-0 C:\ProgramData\uum C:\Users\André\Downloads\* CHIP-Installer.exe C:\Users\André\Arcanum4.dat C:\Users\André\Arcanum5.dat C:\Users\André\Arcanum6.dat EmptyTemp: end ***************** Prozess erfolgreich geschlossen. "HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4314a68d-f93b-11e3-bef5-b4b52fc7b10a}" => Schlüssel erfolgreich entfernt HKCR\CLSID\{4314a68d-f93b-11e3-bef5-b4b52fc7b10a} => Schlüssel nicht gefunden. "HKU\S-1-5-21-447048058-3512354665-2473454594-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fad102a-54d2-11e2-be6d-806e6f6e6963}" => Schlüssel erfolgreich entfernt HKCR\CLSID\{8fad102a-54d2-11e2-be6d-806e6f6e6963} => Schlüssel nicht gefunden. C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scsi2-6.lnk => nicht gefunden. C\Users\André\AppData\Roaming\scsi2-13 => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden. "C:\ProgramData\algae-0" => nicht gefunden. C:\ProgramData\uum => erfolgreich verschoben =========== "C:\Users\André\Downloads\* CHIP-Installer.exe" ========== C:\Users\André\Downloads\MediaPurge - CHIP-Installer.exe => erfolgreich verschoben ========= Ende -> "C:\Users\André\Downloads\* CHIP-Installer.exe" ======== C:\Users\André\Arcanum4.dat => erfolgreich verschoben C:\Users\André\Arcanum5.dat => erfolgreich verschoben C:\Users\André\Arcanum6.dat => erfolgreich verschoben EmptyTemp: => 373.1 MB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 17:15:30 ==== Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von André (Administrator) auf ANDRÉ-PC (11-05-2016 17:20:22) Gestartet von C:\Users\André\Desktop Geladene Profile: André (Verfügbare Profile: André) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Users\André\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard ) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify \SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016- 04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11- 21] (Microsoft Corporation) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11] ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F %2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb- 21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework \Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin \IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework \Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT \npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow \Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions \mailcheck@web.de [2016-03-18] FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions \foxyproxy@eric.h.jung [2016-02-18] FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default- 1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25] FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default- 1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8- f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj \amazon-icon-2.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07 -18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.) S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-11 17:17 - 2016-05-11 17:17 - 00000000 ____D C:\ProgramData\uum 2016-05-11 15:05 - 2016-05-11 15:05 - 00000000 ____D C:\Users\André\AppData\Roaming\lvecl-7 2016-05-11 15:03 - 2016-05-11 15:03 - 00000000 ____D C:\ProgramData\lvecl-74 2016-05-11 11:25 - 2016-05-11 11:25 - 00000000 ____D C:\ProgramData\kelvin-2 2016-05-11 11:01 - 2016-05-11 11:01 - 130070296 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert(1).exe 2016-05-11 10:54 - 2016-05-11 11:11 - 00120270 _____ C:\Users\André\Desktop\TDSSKILELR.txt 2016-05-11 10:52 - 2016-05-11 10:52 - 00000000 _____ C:\Users\André\Desktop\adsada.txt 2016-05-11 10:49 - 2016-05-11 11:10 - 00240630 _____ C:\TDSSKiller.3.1.0.9_11.05.2016_10.49.39_log.txt 2016-05-10 20:28 - 2016-05-11 17:15 - 00002420 _____ C:\Users\André\Desktop\Fixlog.txt 2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt 2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt 2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe 2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe 2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe 2016-05-10 16:50 - 2016-05-10 20:35 - 00080371 _____ C:\Users\André\Desktop\Addition.txt 2016-05-10 16:49 - 2016-05-11 17:20 - 00022237 _____ C:\Users\André\Desktop\FRST.txt 2016-05-10 16:38 - 2016-05-11 15:00 - 00080908 _____ C:\Users\André\Downloads\Addition.txt 2016-05-10 16:33 - 2016-05-11 15:00 - 00054665 _____ C:\Users\André\Downloads\FRST.txt 2016-05-10 16:32 - 2016-05-11 17:20 - 00000000 ____D C:\FRST 2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe 2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx# 2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx# 2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe 2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe 2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe 2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx 2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509 2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509 2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url 2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k 2016-05-08 12:08 - 2016-05-11 17:17 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl 2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url 2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url 2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch 2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk 2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4 2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx 2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx 2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502 2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430 2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt 2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx 2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg 2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg 2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge 2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan 2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url 2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url 2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url 2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe 2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt 2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-11 17:19 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-11 17:17 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-11 17:17 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-11 17:16 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-11 17:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-11 17:15 - 2015-01-31 22:04 - 00000000 ____D C:\Users\André 2016-05-11 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-11 16:00 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-11 14:55 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives 2016-05-11 14:51 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919- E45EAAFEA251} 2016-05-11 10:58 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058- 3512354665-2473454594-1001 2016-05-10 21:20 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 20:59 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp 2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-10 21:06 ==================== Ende von FRST.txt ============================ Geändert von Chronos5896 (11.05.2016 um 16:37 Uhr) Grund: Korrektur |
11.05.2016, 16:35 | #11 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-11 17:23:00) Gestartet von C:\Users\André\Desktop Windows 8.1 (X64) (2015-01-31 20:32:58) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled) André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Cosmic DJ (HKLM\...\Steam App 297110) (Version: - Gl33k) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra) Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hotline Miami (HKLM\...\Steam App 219150) (Version: - Dennaton Games) Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation) Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - ) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™) Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis) Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios) Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.) TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.) Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version: - Ubisoft Montreal) Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - ) Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft) Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft) Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard) Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.) Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated) Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender Task: {C1A2FCF6-99E3-4AE2-9EA2-48A2DE8E20AC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC) Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-07-30 15:30 - 2012-07-30 15:30 - 00453744 ____N () C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2014-12-10 19:08 - 2016-04-26 12:38 - 00120912 _____ () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe 2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: WeGameClientService => 2 HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "BF2Hub Client" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900 FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869 FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{9CF03B3A-02D5-46EC-847C-B86C6D0FD8C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{832A744E-84A5-4E7D-96D3-870816E7DCF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{4960FF1E-13FB-4F4A-8842-D66DD000EB40}] => (Allow) LPort=53000 FirewallRules: [{C4B68FC8-AB08-477B-A699-8C1096FB3B7C}] => (Allow) LPort=52000 ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/11/2016 02:59:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64(1).exe, Version 9.5.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c74 Startzeit: 01d1ab84b3f55f5e Endzeit: 4294967295 Anwendungspfad: C:\Users\André\Downloads\FRST64(1).exe Berichts-ID: 21af9b2c-1778-11e6-bf76-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000638b ID des fehlerhaften Prozesses: 0x78c Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x17a4 Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0 Pfad der fehlerhaften Anwendung: avcenter.exe1 Pfad des fehlerhaften Moduls: avcenter.exe2 Berichtskennung: avcenter.exe3 Vollständiger Name des fehlerhaften Pakets: avcenter.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5 Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000649b ID des fehlerhaften Prozesses: 0x790 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 134 Startzeit: 01d1aac5e6629c16 Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c18 Startzeit: 01d1aac2ba88ef09 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x218c Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Management.ManagementException bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) bei System.Management.SinkForEventQuery.Cancel() bei System.Management.ManagementEventWatcher.Stop() bei HP.Seeker.ProcessMonitor.StopProcessWatchers() bei HP.Seeker.ProcessKeeperService.StopProcesMonitors() bei HP.Seeker.HPSeekerSwitchboard.StartUserService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Systemfehler: ============= Error: (05/11/2016 05:19:30 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:19:22 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:15:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2013-08-19 13:11:11.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 36% Installierter physikalischer RAM: 8147.35 MB Verfügbarer physikalischer RAM: 5156.43 MB Summe virtueller Speicher: 12499.35 MB Verfügbarer virtueller Speicher: 9244.32 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:90.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS Drive g: () (Removable) (Total:1.86 GB) (Free:0.32 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288) Partition: GPT. ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 000A4BAE) Partition 1: (Active) - (Size=1.9 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ |
11.05.2016, 16:55 | #12 |
/// TB-Ausbilder | Windows 8: Für mich unbekannter Trojaner von Avira gefunden Servus, ja, füge die Logdatei von TDSS-Killer als Anhang mit. Die Logdatei von FRST ist zeilenweise total verschoben, hast du da was verändert? So ist die Logdatei ganz schlecht lesbar. |
11.05.2016, 17:01 | #13 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Huch? Ja gut dann mache ich noch einen Durchlauf mit FRST! FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von André (Administrator) auf ANDRÉ-PC (11-05-2016 17:57:20) Gestartet von C:\Users\André\Desktop Geladene Profile: André (Verfügbare Profile: André) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Bitsum LLC) C:\Program Files\ParkControl\ParkControl.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Konami Digital Entertainment) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Hewlett-Packard ) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-20] (IDT, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2396096 2016-03-30] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-03-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24278016 2015-03-11] (PC Partner Co.Ltd) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify Web Helper] => C:\Users\André\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Spotify] => C:\Users\André\AppData\Roaming\Spotify\Spotify.exe [6890608 2016-04-26] (Spotify Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [132608 2014-11-21] (Microsoft Corporation) Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11] ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{9A94A0F4-2D9B-45C3-9E0A-94ED23BCC2BF}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {E9CF137E-FB25-49C6-A0D0-A0DE744D2C27} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> DefaultScope {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKU\S-1-5-21-447048058-3512354665-2473454594-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-07] (DVDVideoSoft Ltd.) BHO-x32: Kein Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-19] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP) DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.203.0.cab DPF: HKLM-x32 {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} hxxps://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.96.0.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-16] () FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei] FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-16] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] () FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei] FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-03-08] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-447048058-3512354665-2473454594-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\André\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: WEB.DE MailCheck - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\extensions\mailcheck@web.de [2016-03-18] FF Extension: FoxyProxy Standard - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\foxyproxy@eric.h.jung [2016-02-18] FF Extension: ProxTube - Unblock YouTube - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\ich@maltegoetz.de.xpi [2016-01-25] FF Extension: Game Debate PC System Requirement Tool - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\jid1-E6k1NoroBGfTwA@jetpack.xpi [2016-04-28] FF Extension: Adblock Plus - C:\Users\André\AppData\Roaming\Mozilla\Firefox\Profiles\x7nutf5z.default-1438960782100\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\André\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [272304 2016-03-30] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1860616 2016-04-04] () R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-23] (Digital Wave Ltd.) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [243984 2016-03-22] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-03-30] (NVIDIA Corporation) R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-03-30] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-03-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-03-30] (NVIDIA Corporation) S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-26] (Electronic Arts) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-03-26] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-11-20] (IDT, Inc.) [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2014-03-01] (Advanced Micro Devices, Inc.) S3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S3 athrusb; C:\Windows\system32\DRIVERS\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.) S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) [Datei ist nicht signiert] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-10] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-10] (Avira Operations GmbH & Co. KG) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-03-30] (NVIDIA Corporation) R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-03-08] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-03-21] (NVIDIA Corporation) S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2010-03-29] (Texas Instruments) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2014-04-30] (Microsoft Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 ZDCNDIS6a64; C:\windows\system32\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) S3 ZDCNDIS6a64; C:\windows\SysWOW64\ZDCNDIS6a64.sys [41280 2009-06-26] (Printing Communications Assoc., Inc. (PCAUSA)) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-11 17:17 - 2016-05-11 17:38 - 00000000 ____D C:\ProgramData\uum 2016-05-11 15:05 - 2016-05-11 15:05 - 00000000 ____D C:\Users\André\AppData\Roaming\lvecl-7 2016-05-11 15:03 - 2016-05-11 15:03 - 00000000 ____D C:\ProgramData\lvecl-74 2016-05-11 11:25 - 2016-05-11 11:25 - 00000000 ____D C:\ProgramData\kelvin-2 2016-05-11 11:01 - 2016-05-11 11:01 - 130070296 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert(1).exe 2016-05-11 10:54 - 2016-05-11 11:11 - 00120270 _____ C:\Users\André\Desktop\TDSSKILELR.txt 2016-05-11 10:52 - 2016-05-11 10:52 - 00000000 _____ C:\Users\André\Desktop\adsada.txt 2016-05-11 10:49 - 2016-05-11 11:10 - 00240630 _____ C:\TDSSKiller.3.1.0.9_11.05.2016_10.49.39_log.txt 2016-05-10 20:28 - 2016-05-11 17:15 - 00002420 _____ C:\Users\André\Desktop\Fixlog.txt 2016-05-10 18:22 - 2016-05-10 18:32 - 00468044 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_18.22.23_log.txt 2016-05-10 17:59 - 2016-05-10 17:59 - 00000560 _____ C:\TDSSKiller.3.1.0.9_10.05.2016_17.59.03_log.txt 2016-05-10 17:58 - 2016-05-10 17:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\André\Desktop\tdsskiller.exe 2016-05-10 17:56 - 2016-05-10 17:56 - 02381312 _____ (Farbar) C:\Users\André\Downloads\FRST64(1).exe 2016-05-10 17:42 - 2016-05-10 17:42 - 00000000 ____D C:\ProgramData\AVAST Software 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe 2016-05-10 17:34 - 2016-05-10 17:34 - 05066104 _____ (AVAST Software) C:\Users\André\Downloads\avast_free_antivirus_setup_online.exe 2016-05-10 16:50 - 2016-05-11 17:25 - 00081019 _____ C:\Users\André\Desktop\Addition.txt 2016-05-10 16:49 - 2016-05-11 17:57 - 00022143 _____ C:\Users\André\Desktop\FRST.txt 2016-05-10 16:38 - 2016-05-11 15:00 - 00080908 _____ C:\Users\André\Downloads\Addition.txt 2016-05-10 16:33 - 2016-05-11 15:00 - 00054665 _____ C:\Users\André\Downloads\FRST.txt 2016-05-10 16:32 - 2016-05-11 17:57 - 00000000 ____D C:\FRST 2016-05-10 16:31 - 2016-05-10 16:31 - 02381312 _____ (Farbar) C:\Users\André\Desktop\FRST64.exe 2016-05-10 16:14 - 2016-05-10 16:14 - 00000094 ____H C:\Users\André\Downloads\.~lock.Hurricanes.pptx# 2016-05-10 16:12 - 2016-05-10 16:12 - 00000094 ____H C:\Users\André\Downloads\.~lock.Chemie.pptx# 2016-05-10 15:07 - 2016-05-10 15:07 - 03640384 _____ C:\Users\André\Downloads\adwcleaner_5.116.exe 2016-05-10 14:38 - 2016-05-10 14:39 - 129662736 _____ (Microsoft Corporation) C:\Users\André\Downloads\msert.exe 2016-05-10 14:28 - 2016-05-10 14:28 - 00001116 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-10 14:20 - 2016-05-10 14:20 - 00002069 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-05-10 14:17 - 2016-05-10 14:17 - 90330808 _____ (Adobe Systems Incorporated) C:\Users\André\Downloads\AcroRdrDC1501620039_de_DE.exe 2016-05-09 21:41 - 2016-05-09 21:41 - 04489175 _____ C:\Users\André\Downloads\Hurricanes .pptx 2016-05-09 15:51 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Desktop\WhatsApp-Image-20160509 2016-05-09 15:50 - 2016-05-09 15:51 - 00212133 _____ C:\Users\André\Downloads\WhatsApp-Image-20160509 2016-05-08 14:07 - 2016-05-08 14:07 - 00000222 _____ C:\Users\André\Desktop\Cosmic DJ.url 2016-05-08 14:07 - 2016-05-08 14:07 - 00000000 ____D C:\Users\André\AppData\LocalLow\GL33k 2016-05-08 12:08 - 2016-05-11 17:17 - 00003050 _____ C:\WINDOWS\System32\Tasks\ParkControl 2016-05-07 23:22 - 2016-05-07 23:22 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll 2016-05-07 23:22 - 2016-05-07 23:22 - 00000000 ____D C:\Program Files (x86)\OpenAL 2016-05-06 18:17 - 2016-05-06 18:17 - 00000222 _____ C:\Users\André\Desktop\Hotline Miami 2 Wrong Number.url 2016-05-06 18:17 - 2016-05-06 18:17 - 00000137 _____ C:\Users\André\Desktop\Hotline Miami.url 2016-05-05 02:23 - 2016-05-05 02:23 - 00000000 ____D C:\Users\André\Documents\Overwatch 2016-05-05 01:08 - 2016-05-05 01:08 - 00001114 _____ C:\Users\Public\Desktop\Overwatch.lnk 2016-05-05 01:08 - 2016-05-05 01:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch 2016-05-05 01:00 - 2016-05-10 14:14 - 00000000 ____D C:\Program Files (x86)\Overwatch 2016-05-02 20:13 - 2016-05-02 20:15 - 85367756 _____ C:\Users\André\Downloads\Why Do We Fall - Motivational Video.mp4 2016-05-02 19:19 - 2016-04-30 21:42 - 04483870 _____ C:\Users\André\Desktop\Hurricanes.pptx 2016-05-02 19:14 - 2016-05-02 19:15 - 00477426 _____ C:\Users\André\Downloads\Chemie.pptx 2016-05-02 18:46 - 2016-05-02 18:46 - 00169110 _____ C:\Users\André\Downloads\WhatsApp-Image-20160502 2016-05-02 18:10 - 2016-05-02 18:10 - 00194857 _____ C:\Users\André\Downloads\WhatsApp-Image-20160430 2016-04-30 14:56 - 2016-04-30 14:56 - 00001644 _____ C:\Users\André\Desktop\Neues Textdokument.txt 2016-04-30 12:56 - 2016-04-30 12:56 - 04448793 _____ C:\Users\André\Downloads\Hurricanes.pptx 2016-04-26 20:11 - 2016-04-26 20:11 - 00121060 _____ C:\Users\André\Downloads\Cgco6leh.jpeg 2016-04-25 16:48 - 2016-04-25 16:48 - 00146693 _____ C:\Users\André\Downloads\GlSILUQj.jpeg 2016-04-24 20:55 - 2016-04-24 20:57 - 00000000 ____D C:\Users\André\AppData\Roaming\MediaPurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00001945 _____ C:\Users\André\Desktop\Mediapurge.lnk 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediapurge 2016-04-24 20:55 - 2016-04-24 20:55 - 00000000 ____D C:\Program Files (x86)\Mediapurge 2016-04-24 20:44 - 2016-04-24 20:44 - 00001259 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-04-21 10:01 - 2016-04-23 14:37 - 00000000 ____D C:\driver_memscan 2016-04-16 14:22 - 2016-04-16 14:22 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Zombies.url 2016-04-16 14:18 - 2016-04-16 14:18 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II - Multiplayer.url 2016-04-16 13:56 - 2016-04-16 13:56 - 00000222 _____ C:\Users\André\Desktop\Call of Duty Black Ops II.url 2016-04-14 16:11 - 2016-04-14 16:11 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-14 16:11 - 2016-04-14 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-14 16:07 - 2016-04-14 16:07 - 05683392 _____ (Piriform Ltd) C:\Users\André\Downloads\ccsetup516_slim.exe 2016-04-13 18:45 - 2016-04-13 18:49 - 00000518 _____ C:\Users\André\Documents\Neues Textdokument.txt 2016-04-13 13:58 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-04-13 13:58 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-04-13 13:58 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-04-13 13:58 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-04-13 13:58 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-04-13 13:58 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-04-13 13:58 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-04-13 13:58 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-04-13 13:58 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-04-13 13:58 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-04-13 13:58 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-04-13 13:58 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-04-13 13:57 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-04-13 13:57 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-04-13 13:57 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-04-13 13:57 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-04-13 13:57 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2016-04-13 13:57 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2016-04-13 13:57 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-04-13 13:57 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2016-04-13 13:57 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-04-13 13:57 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-04-13 13:57 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-04-13 13:57 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-04-13 13:57 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-04-13 13:57 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-04-13 13:56 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2016-04-13 13:56 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-04-13 13:56 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-04-13 13:56 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-04-13 13:56 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-04-13 13:56 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-04-13 13:56 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2016-04-13 13:56 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-04-13 13:56 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-04-13 13:56 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-04-13 13:56 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-04-13 13:56 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2016-04-13 13:56 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll 2016-04-13 13:56 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2016-04-13 13:56 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-04-13 13:56 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-04-13 13:56 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-04-13 13:56 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2016-04-13 13:56 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll 2016-04-13 13:56 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-04-13 13:56 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-04-13 13:56 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2016-04-13 13:56 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-04-13 13:56 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2016-04-13 13:56 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll 2016-04-13 13:56 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-04-13 13:56 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2016-04-13 13:56 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll 2016-04-13 13:56 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-04-13 13:56 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 13:56 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll 2016-04-13 13:56 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-04-13 13:56 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-04-13 13:56 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2016-04-13 13:56 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-04-13 13:56 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2016-04-13 13:56 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2016-04-13 13:56 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2016-04-13 13:56 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll 2016-04-13 13:56 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2016-04-13 13:56 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll 2016-04-13 13:56 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll 2016-04-13 13:56 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll 2016-04-13 13:56 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll 2016-04-13 13:56 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2016-04-13 13:56 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2016-04-13 13:56 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-04-13 13:56 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2016-04-13 13:56 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-04-13 13:56 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-04-13 13:55 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2016-04-13 13:55 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-04-13 13:55 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-04-13 13:55 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-04-13 13:55 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-04-13 13:55 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-04-13 13:55 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-04-13 13:55 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll 2016-04-13 13:55 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-04-13 13:55 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2016-04-13 13:55 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2016-04-13 13:55 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2016-04-13 13:55 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2016-04-13 13:55 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2016-04-13 13:55 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll 2016-04-13 13:55 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2016-04-13 13:55 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2016-04-13 13:55 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2016-04-13 13:55 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 13:55 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2016-04-13 13:55 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-11 17:22 - 2013-01-02 14:08 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-447048058-3512354665-2473454594-1001 2016-05-11 17:19 - 2015-02-22 21:08 - 00753152 ___SH C:\Users\André\Downloads\Thumbs.db 2016-05-11 17:17 - 2015-02-01 12:26 - 00601600 ___SH C:\Users\André\Desktop\Thumbs.db 2016-05-11 17:17 - 2013-02-02 18:30 - 00000000 ____D C:\Program Files (x86)\Steam 2016-05-11 17:16 - 2016-03-18 22:35 - 00000000 ____D C:\ProgramData\NVIDIA 2016-05-11 17:16 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-05-11 17:15 - 2015-01-31 22:04 - 00000000 ____D C:\Users\André 2016-05-11 17:12 - 2013-01-03 15:41 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-05-11 16:00 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-05-11 14:55 - 2015-03-13 21:29 - 00000000 ____D C:\Users\André\Downloads\Archives 2016-05-11 14:51 - 2015-02-06 20:43 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E60977FA-3A81-4898-8919-E45EAAFEA251} 2016-05-10 21:20 - 2015-07-29 16:33 - 00000000 ____D C:\Users\André\AppData\Local\Battle.net 2016-05-10 20:59 - 2015-07-29 16:33 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-05-10 20:28 - 2013-01-11 20:51 - 00000000 ____D C:\Users\André\AppData\LocalLow\Temp 2016-05-10 18:15 - 2016-03-19 15:32 - 00000000 ____D C:\Users\André\AppData\Local\CrashDumps 2016-05-10 18:15 - 2013-05-04 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-05-10 18:13 - 2013-05-07 16:01 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2016-05-10 18:13 - 2013-05-04 10:38 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2016-05-10 17:36 - 2014-09-24 19:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-05-10 17:23 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2016-05-10 17:17 - 2013-01-03 16:09 - 00000000 ____D C:\Users\André\AppData\Roaming\Skype 2016-05-10 15:50 - 2013-02-18 14:36 - 00007667 _____ C:\Users\André\AppData\Local\resmon.resmoncfg 2016-05-10 15:43 - 2013-11-11 21:04 - 00000000 ____D C:\AdwCleaner 2016-05-10 15:33 - 2014-09-24 19:06 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-10 15:33 - 2014-01-06 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-10 14:28 - 2014-09-24 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-10 14:21 - 2014-12-29 11:31 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-05-10 14:20 - 2013-01-05 14:01 - 00000000 ____D C:\Program Files (x86)\Adobe 2016-05-10 14:20 - 2013-01-03 15:39 - 00000000 ____D C:\ProgramData\Adobe 2016-05-09 21:53 - 2014-11-21 05:35 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-05-09 21:53 - 2014-11-21 04:45 - 00841326 _____ C:\WINDOWS\system32\perfh007.dat 2016-05-09 21:53 - 2014-11-21 04:45 - 00191558 _____ C:\WINDOWS\system32\perfc007.dat 2016-05-09 21:53 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf 2016-05-09 21:44 - 2013-06-19 16:13 - 00000000 ____D C:\Users\André\AppData\Roaming\TS3Client 2016-05-09 20:47 - 2014-01-13 17:25 - 00000000 ____D C:\Users\André\AppData\Local\DayZ 2016-05-08 20:22 - 2015-10-01 18:48 - 00000000 ____D C:\Users\André\AppData\Roaming\Spotify 2016-05-08 20:17 - 2015-10-09 13:23 - 00000000 ____D C:\Users\André\AppData\Local\Spotify 2016-05-08 19:54 - 2015-04-02 12:38 - 00000000 ____D C:\Users\André\Downloads\Wallpaper 2016-05-08 12:15 - 2015-01-30 20:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-07 23:23 - 2013-07-06 14:35 - 00000000 ____D C:\Users\André\Documents\My Games 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2016-05-06 14:23 - 2015-08-30 19:09 - 00000000 ___SD C:\WINDOWS\system32\GWX 2016-05-06 14:23 - 2015-02-03 19:00 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-05-05 00:43 - 2016-03-26 00:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-05-04 21:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-05-02 20:31 - 2013-01-12 14:43 - 00000000 ____D C:\Users\André\AppData\Local\ElevatedDiagnostics 2016-04-29 21:41 - 2016-02-18 20:30 - 00000000 ____D C:\Users\André\Documents\CCleaner Reg Backups! 2016-04-29 07:31 - 2015-03-24 14:29 - 00000000 ____D C:\Users\André\Downloads\LUPO 2016-04-29 06:35 - 2013-01-11 20:49 - 00000000 ____D C:\Users\André\AppData\Roaming\DVDVideoSoft 2016-04-27 20:40 - 2014-08-16 14:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-04-27 20:20 - 2013-09-06 14:40 - 00000000 ____D C:\Users\André\AppData\Roaming\OBS 2016-04-26 15:17 - 2016-02-17 15:39 - 00000000 ____D C:\Users\André\AppData\Local\TeamSpeak 3 Client 2016-04-26 13:01 - 2016-01-01 15:33 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-04-26 13:01 - 2013-01-03 16:09 - 00000000 ____D C:\ProgramData\Skype 2016-04-24 20:44 - 2016-03-25 15:57 - 00001416 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk 2016-04-24 20:44 - 2013-08-18 13:28 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-04-24 20:44 - 2013-01-11 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-04-20 12:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2016-04-16 21:16 - 2013-01-03 15:41 - 00003766 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-04-14 16:20 - 2013-01-02 14:01 - 00000000 ____D C:\Users\André\AppData\Local\Packages 2016-04-14 16:18 - 2012-11-22 11:37 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-04-14 16:17 - 2013-01-18 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ 2016-04-14 16:17 - 2013-01-18 20:38 - 00000000 ____D C:\Program Files (x86)\THQ 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files\Windows Sidebar 2016-04-14 16:15 - 2013-08-22 17:36 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar 2016-04-14 16:12 - 2015-03-27 22:10 - 00000000 ____D C:\WINDOWS\Minidump 2016-04-14 14:43 - 2013-08-22 16:44 - 00405368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-04-13 20:59 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2016-04-13 19:20 - 2013-08-15 12:24 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-04-13 19:17 - 2013-01-03 18:22 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-04-13 13:50 - 2016-01-13 13:43 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-04-13 13:47 - 2016-03-09 15:30 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-04-13 13:47 - 2016-03-09 15:30 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-04-13 13:46 - 2016-03-09 15:30 - 01737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-14 19:20 - 2014-09-14 19:20 - 0000297 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Login.ini 2014-09-14 19:23 - 2014-09-14 19:23 - 0001370 _____ () C:\Users\André\AppData\Roaming\BreakingPoint_Options.ini 2014-02-15 10:22 - 2014-02-15 10:22 - 0000011 _____ () C:\Users\André\AppData\Roaming\Network Meter_Usage.ini 2013-08-21 13:54 - 2013-12-21 14:58 - 0000134 _____ () C:\Users\André\AppData\Roaming\Network Monitor II_Traffic.ini 2013-08-21 13:04 - 2013-08-21 13:04 - 0000725 _____ () C:\Users\André\AppData\Roaming\Ping Monitor_Settings.ini 2014-12-21 15:16 - 2014-12-21 15:16 - 0000000 _____ () C:\Users\André\AppData\Roaming\Stardockfences_debug_snapshot.dat 2014-06-19 18:50 - 2014-06-19 18:50 - 0000024 _____ () C:\Users\André\AppData\Roaming\temp.ini 2013-02-16 16:01 - 2013-02-19 18:05 - 0004608 _____ () C:\Users\André\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-03-13 21:16 - 2016-03-13 21:16 - 0007890 _____ () C:\Users\André\AppData\Local\recently-used.xbel 2013-02-18 14:36 - 2016-05-10 15:50 - 0007667 _____ () C:\Users\André\AppData\Local\resmon.resmoncfg 2013-11-25 18:04 - 2013-11-25 18:04 - 0000057 _____ () C:\ProgramData\Ament.ini 2013-01-02 14:02 - 2013-01-02 14:02 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc Einige Dateien in TEMP: ==================== C:\Users\André\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-05-10 21:06 ==================== Ende von FRST.txt ============================ |
11.05.2016, 17:07 | #14 |
/// TB-Ausbilder | Windows 8: Für mich unbekannter Trojaner von Avira gefunden Servus, du hast dich heute wieder neu mit der Schadsoftware infiziert... keine Ahnung was du machst, aber so werden wir nicht fertig. Am besten alles einstellen und nur bereinigen, sonst ist das uferlos. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start CloseProcesses: HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Run: [lvecl-3] => C:\ProgramData\lvecl-74\lvecl-04.exe [916320 2016-05-11] () HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\RunOnce: [lvecl-9] => C:\Users\André\AppData\Roaming\lvecl-7\lvecl-7.exe [775680 2016-05-11] () C:\ProgramData\lvecl-74 C:\Users\André\AppData\Roaming\lvecl-7 Startup: C:\Users\André\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pfmea-2.lnk [2016-05-11] ShortcutTarget: pfmea-2.lnk -> C:\Users\André\AppData\Roaming\pfmea-5\pfmea-09.exe (Keine Datei) C:\Users\André\AppData\Roaming\pfmea-5 C:\ProgramData\kelvin-2 C:\ProgramData\uum Reboot: end Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
11.05.2016, 17:08 | #15 |
| Windows 8: Für mich unbekannter Trojaner von Avira gefunden Die TDSSKiller Datei ist selbst als Anhang zu groß und habe sie deshalb gezippt! Addition Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von André (2016-05-11 17:57:40) Gestartet von C:\Users\André\Desktop Windows 8.1 (X64) (2015-01-31 20:32:58) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-447048058-3512354665-2473454594-500 - Administrator - Enabled) André (S-1-5-21-447048058-3512354665-2473454594-1001 - Administrator - Enabled) => C:\Users\André Gast (S-1-5-21-447048058-3512354665-2473454594-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-447048058-3512354665-2473454594-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios) Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Steam App 242050) (Version: - Ubisoft Montreal) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{74d1ef14-dd39-4749-b051-e183a1e27f5e}) (Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.58.35540 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version: - ) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II - Zombies (HKLM\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM\...\Steam App 202970) (Version: - Treyarch) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Cosmic DJ (HKLM\...\Steam App 297110) (Version: - Gl33k) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4319 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment) Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version: - Klei Entertainment) DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE) Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.02 - Sierra) Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios) Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version: - Fistful of Frags Team) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry) GD Hardware Scan (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hotline Miami (HKLM\...\Steam App 219150) (Version: - Dennaton Games) Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1206 - Hewlett-Packard) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6418.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation) Mediapurge (HKLM-x32\...\Mediapurge) (Version: 5.74 - Peter Lorenz) METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team) NVIDIA 3D Vision Controller-Treiber 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.11.2.55 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.55 - NVIDIA Corporation) NVIDIA Grafiktreiber 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtueller Ton 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) ParkControl (HKLM-x32\...\ParkControl) (Version: 1.0.1.1 - Bitsum) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games) Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios) Savant - Ascent (HKLM-x32\...\Steam App 259530) (Version: - DPad Studios) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.2.55 - NVIDIA Corporation) Hidden Shovel Knight (HKLM-x32\...\Steam App 250760) (Version: - Yacht Club Games) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve) Spelunky (HKLM-x32\...\Steam App 239350) (Version: - ) Splinter Cell Pandora Tomorrow (HKLM-x32\...\{084A9731-D05B-4ADA-B4A0-0ADD25FD7152}) (Version: 1.00.000 - ) Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™) Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™) Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis) Spotify (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios) Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios) Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios) Studie zur Verbesserung von HP Deskjet 3050A J611 series Produkten (HKLM\...\{EF27865C-E636-47C4-8B35-CE8A88045681}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Culling (HKLM\...\Steam App 437220) (Version: - Xaviant) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts) TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.) TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.) Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Steam App 359550) (Version: - Ubisoft Montreal) Tom Clancy's Splinter Cell (HKLM-x32\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - ) Tom Clancy's Splinter Cell Chaos Theory (HKLM-x32\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft) Tom Clancy's Splinter Cell Double Agent (HKLM-x32\...\{CAD1691A-FA24-4B95-9009-3257B8440ECC}) (Version: 1.00.0000 - Ubisoft) Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD) Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version: - The Creative Assembly) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft) VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - ) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-447048058-3512354665-2473454594-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\André\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {07B1D83F-8BE6-4268-AC95-5B99EDED3305} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {1134DC2D-A6A0-4857-8DFB-4E0F493CAD27} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-01-29] (Oracle Corporation) Task: {209E117D-060D-4095-8226-DA5E1595625F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {3580C528-E0CC-4735-86E3-63A0B8BCC508} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {47FBDEF3-2941-4F4E-B108-6C180438BAE8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard) Task: {49C98BDB-BD1D-44D9-96D6-A9FD5A0AA4AA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard) Task: {4F62D898-94B2-44CA-967B-B256E3AA2E0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard) Task: {515A7EF6-E89A-4707-835F-F8036BCBB02A} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {6F39FF7F-B3BA-4B3A-A5AB-3A23DF5DAB64} - System32\Tasks\ScanToPCActivationApp.exe_{1848EEB4-045A-492D-97B5-A1ABDF8FFF51} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2012-10-17] (Hewlett-Packard Co.) Task: {92B2AB27-9A52-4CB1-8134-B402BA47CF27} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {9D530CB6-040B-44AE-9475-D09A3FB7A7AC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {9DC3DA29-DD1B-43FF-AE81-EAAF2E7E2D03} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-16] (Adobe Systems Incorporated) Task: {A5222A0D-D798-4B9B-AB9E-7AE2C8386DCC} - System32\Tasks\{4E94E5CB-7B80-4D4F-9653-5B045DBB0562} => pcalua.exe -a "C:\Users\André\Desktop\Slender\Slender - The Eight Pages.exe" -d C:\Users\André\Desktop\Slender Task: {C1A2FCF6-99E3-4AE2-9EA2-48A2DE8E20AC} - System32\Tasks\ParkControl => C:\Program Files\ParkControl\ParkControl.exe [2015-12-19] (Bitsum LLC) Task: {CE8DAAA5-D76A-4FA8-9C91-D49F86D10B9A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {D019B7C6-F960-47C3-90A7-9C8E4C03031F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D36339C6-3F6E-4807-AD00-0BB992F63485} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe Task: {D506C41B-B7C3-473F-B43A-792AF9162E0D} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {D66487DC-8EB8-41B7-8AB1-DB26B7F97C86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {FDD4D2D1-CB44-4FBA-B4E2-759CB8AA2E0C} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HP Deskjet 3050A J611 series.exe_{ADEB0F8D-477A-423E-88C7-3805843D3C4B}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HP Deskjet 3050A J611 series.exeĖ-install -prfn HP Deskjet 3050A J611 series (Netzwerk) -ePCUrl hxxps:/h30495.www3.hp.com Task: C:\WINDOWS\Tasks\HPCustPartic.exe_{490607ED-986D-40BF-BE2C-16BB55AA064D}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe Task: C:\WINDOWS\Tasks\ScanToPCActivationApp.exe_{E224E030-DCCD-4312-8F4E-8929E6A12B66}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe Task: C:\WINDOWS\Tasks\Toolbox.exe_{69C0F34C-8CBD-4512-B13B-F24BE0CC5553}.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe Task: C:\WINDOWS\Tasks\XboxStatTask.job => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-03-18 22:35 - 2016-03-08 08:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-03-18 22:37 - 2016-03-30 03:21 - 00366528 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-18 22:36 - 2016-03-30 03:21 - 00288192 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 03611584 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2013-01-03 19:54 - 2015-03-26 21:23 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-01 13:38 - 2016-03-30 03:21 - 02665920 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:22 - 01840576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll 2016-03-18 22:37 - 2016-03-30 03:22 - 00207296 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll 2016-04-01 13:38 - 2016-03-30 03:21 - 01988544 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00034240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll 2016-04-01 13:38 - 2016-03-30 03:20 - 00920000 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll 2014-12-10 19:08 - 2016-04-26 12:38 - 00120912 _____ () C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe 2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-11-23 10:58 - 2016-03-23 14:06 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-03-18 22:36 - 2016-03-30 03:28 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2013-03-12 18:10 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-05-23 14:15 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-01-23 16:20 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-29 14:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2013-02-02 18:37 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 15:02 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2013-02-02 18:37 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2012-11-22 11:38 - 2012-07-18 10:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-01-23 16:20 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-447048058-3512354665-2473454594-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\André\Downloads\Wallpaper\wallhaven-156813.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD External Events Utility => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: WeGameClientService => 2 HKLM\...\StartupApproved\StartupFolder: => "Speedport W 101 WLAN Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "LOLRecorder.lnk" HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BingDesktop" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "BF2Hub Client" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\StartupFolder: => "Steam.lnk" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "GUDelayStartup" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify" HKU\S-1-5-21-447048058-3512354665-2473454594-1001\...\StartupApproved\Run: => "Spotify Web Helper" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2F81C9A0-7BBE-4D71-8051-29AB84EE6F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9DE8F934-ADAD-4318-880A-BA8C00675792}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{525FF56F-BD8E-4FF1-AC06-78A70ED5832D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [{40D1C4D5-5783-45CE-B50D-2EEC03C7C17A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SavantAscent\Savant_Ascent.exe FirewallRules: [UDP Query User{C90CE360-557C-4657-B704-20F529B34C8E}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [TCP Query User{D4F0CF27-9B16-40CA-B125-178FA527F955}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{A3195EE6-31BB-4692-B88C-0E8C843A9BF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{06EA1C1B-FFA2-492D-8A33-9B57E002C990}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3y.exe FirewallRules: [{E1EB2855-1798-4EDE-8B3B-82F5861378C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{FE4BB57F-B9C3-4B90-9532-3E31FAD1EC69}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3x.exe FirewallRules: [{557AFC36-E381-4CA4-AEE1-AC9E8DABCAF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{31EE1A19-89CE-40CC-9182-EF6F2780E78D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Age Of Empires 3\bin\age3.exe FirewallRules: [{FC0B2104-7D49-442C-97B7-677F51721FFA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{03DEC87D-CCA7-47CD-9190-805E58AD02C6}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{0B154B0F-E8BF-4E10-9AFB-602ACE45A389}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{EA882129-9F6E-47F3-B8A1-B714FAC38BB0}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 2 Ultimate Collection\Fun with Pets\SP9\TSBin\Sims2EP9.exe FirewallRules: [{BDB3192D-E7E9-413A-9396-70B3873A65C9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{9C5C6319-4BD7-4958-AF85-0390C636FE26}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{0344D2C1-5B07-4B6F-9100-DC8397B20E52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{6060FB65-6E8E-42FF-B1B8-775DECDC7404}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Shovel Knight\ShovelKnight.exe FirewallRules: [{14ABDB4B-012F-4764-A146-87C57D507349}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{3ECB7973-9619-405E-A6BE-1388AE65C0B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe FirewallRules: [{E3578200-F99C-4118-8086-3D55D018DEBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{77A50C45-2191-4923-814A-6E2BA8B0A02E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{D35C7CB8-288E-4C90-B301-D96FD6B4F1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{654C398B-5DF4-4B24-B2E4-377168A393CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporebinEP1\SporeApp.exe FirewallRules: [{355A24CE-660C-4E0D-B3CF-5F9A3A64C921}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{22118AC4-2C6C-4A21-98E3-22CFE6EF30C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\runme.exe FirewallRules: [{F1B9229F-40C8-4BF7-8D09-07764066B3BF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{2673C359-B53B-40E4-9129-0E366B225601}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spore\SporeBin\SporeApp.exe FirewallRules: [{19FCCC1D-B026-4BE5-9F5E-A60048284120}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{2F8C6559-20EB-4C1C-A37B-B5B2985E543D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{31DF9A60-1465-4A7A-B93D-7EFBCDCFFCF2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{3887276F-6885-4E22-9F4B-3ABC201D6449}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D4C2095B-7F89-4922-B8C4-B8827F84A2DB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D0268C2D-602B-4546-BA83-BB6BABE79EDF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{2CA630FB-839D-40DB-9F36-228B7F224361}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{AF7CEDE2-2D7E-4353-8884-1C2491D82A4C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [UDP Query User{AB62C390-516F-4D0D-9FA3-691F9B6D52D2}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{61338F15-C415-4289-88E5-E4D1456EF082}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [{AE67764D-BD85-405D-909A-B40D6A2D364B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{A05353E0-15C5-4636-91E5-3EC3DB7A9298}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe FirewallRules: [{74FD4306-F4CE-4F02-AA0A-66FABFAF2526}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{D8D25627-2D6B-416C-A1B7-F15DB81C4CC1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [UDP Query User{60F2F817-AD57-4421-9452-9459338C4CB0}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [TCP Query User{04AD78F5-1C42-4AC3-8B08-0F992D282CA5}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe FirewallRules: [UDP Query User{6484B4C8-1523-4FEA-896C-6D9D95068AA8}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{510AED7B-4C10-43DD-9E41-C64994BFEC9E}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{10B45A3C-510B-49D0-B8E9-18C5B443BB7F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DC6B5AFF-687B-42F4-B773-5B4C844B8A0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{937343C7-994B-47F9-A316-66587B212F11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{1A3EF871-27E4-4CBC-B74B-B2383F0DFFF9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe FirewallRules: [{E54F4129-E34D-4242-B28A-3934E7456BA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{DA5F7BAC-034D-4514-AB1E-3A8F49EC98FC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4CCB3275-446A-4A5E-984B-E661A5906CE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{3B2F061E-9DEE-4A60-BB66-553D949A1CE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{16766F7A-84A3-47D2-BB13-C739A79A6BC4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{F4AD3048-6EC2-4C89-9AE4-3079E222A515}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{4C19DB87-1819-4DEC-A423-C5D30DED153C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{B76F0C57-6BE2-41BA-8FDC-D600A548733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [UDP Query User{C7B0AA1C-B270-46B5-A6DD-E789B6CF0316}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [TCP Query User{434FF7C0-9231-4B8F-98BD-4272CB9EA40F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe FirewallRules: [UDP Query User{4368F7BC-2A7C-4AF9-AB66-A7C6C67449E8}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{CA39CCB2-445B-4394-977C-B740672B0350}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [{D5C94B11-2437-48C8-A43B-1EBADF3BE765}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{A878638D-E967-4491-BF24-9D823CEE97A8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe FirewallRules: [{B04BA630-71E3-48BB-A53D-43E9B3AD9A5F}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{4E37412E-E309-4DA4-84C7-61826D930253}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{BE7C4B8C-D22C-4D39-8769-D7D17B52C432}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe FirewallRules: [{81FA855D-D76B-4447-984C-FD3599D90623}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{67C1EB95-DE28-4F2B-9058-7B3A2C72D823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{816344A6-B7AA-436A-BAF9-ED24DFB232A6}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [TCP Query User{FCADCA24-8865-4D9D-A358-492C0B930FD7}C:\gog games\arcanum\arcanum.exe] => (Block) C:\gog games\arcanum\arcanum.exe FirewallRules: [{CC9108CA-CAB2-488E-8173-A09E6DBEFB19}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{6E596561-2567-4AA7-8292-2F13D08053FD}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{E211D57C-F8D2-4000-8717-F6EB9BFED9C1}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [{89D923D0-52AD-45D3-AB79-2B2FCFA7EEC9}] => (Allow) C:\Program Files (x86)\7DaysToDie-Alpha\7DaysToDie.exe FirewallRules: [UDP Query User{20BC6940-EC8A-4D84-ADA8-0CAC1583C908}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{5B108050-331D-4078-91F7-333C2FD058F0}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7029719-F975-4165-B9DE-4B50E21FBD96}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [{552360C1-3E4D-4478-B81A-743E57C60ADE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe FirewallRules: [UDP Query User{1AF00546-D969-4B95-BCE1-20AD60109548}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [TCP Query User{2DED59E3-BCD4-4AD1-A751-69C0D993C9C0}C:\program files (x86)\guild wars 2\gw2.exe] => (Allow) C:\program files (x86)\guild wars 2\gw2.exe FirewallRules: [{E167F28F-3CDB-4E9C-BC93-54BA1A2C3C01}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{866386DB-549E-451B-8B08-324399D57293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe FirewallRules: [{84D5A424-B0E1-48B8-99F7-56DB8A7D831D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{B320A94D-2C0A-40BC-A57E-B8FF09548745}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{3D8FCAA0-AF8A-4080-B76E-91B00EEF2A12}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{4A5D0F96-864C-488C-A3DE-31A996CDA638}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [UDP Query User{7A239781-B79A-4B27-92BB-D85A772CDE98}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [TCP Query User{7061FBA7-108A-4A04-A3F1-0C3A4259C982}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe FirewallRules: [UDP Query User{11A23F99-555C-444F-857D-496287B9A48F}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [TCP Query User{BA0ECDB6-A448-4439-A0A6-374398724581}G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe] => (Allow) G:\photoshop elements 7.0\adobephotoshopelementsmediaserver.exe FirewallRules: [UDP Query User{2AD03E61-6CB6-4DB2-A353-217D91DEBB80}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{0A63AFDA-95CA-4F6C-8E66-D7A04EF5F6CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{854A33A6-B57B-49A4-BC0B-B447864978E7}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{3D45854F-3635-4D6A-ADF4-0EBEE2575081}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{979C4E21-D9C4-49F4-BCE0-EF5DA3644EDE}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{2C72D711-F6FE-41A5-8E01-8BD6424A81C9}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F7667282-18D2-4EEC-845E-3B3BCA6702EA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{DC7BF070-51A4-41A4-B1FB-F05B12A05E32}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [TCP Query User{B9B504D2-0BED-44C8-87A1-B03F9A25CB3D}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{88C338FE-13BA-49E4-B938-296AEF29807B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4EEC4502-D631-42C4-8990-017FBDE70B5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CFC7DE7C-9FD1-46FC-86B0-78C26A9B7775}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{47442B8F-1B8A-4BF4-98E7-5A4025AA9F33}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe FirewallRules: [{8E386419-8F65-43C5-A842-65EC79A74C5E}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [{0FEB2ABB-96A2-4F9B-B5DF-352080B000A0}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold 2\Stronghold2.exe FirewallRules: [UDP Query User{A73EB24B-5760-406C-92F6-01680BFD0E17}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{ABC0EAEB-F6E3-42D6-A4AF-E4698720895E}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{615E09E1-58DF-4F2B-9001-EC72C28F1ED4}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [TCP Query User{199F5DA8-537B-4802-A081-BCC0BDCA4D49}C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe] => (Allow) C:\program files (x86)\ubisoft\tom clancy's splinter cell chaos theory\system\splintercell3.exe FirewallRules: [{84A117B9-6229-4B07-AA4C-592C006DAF17}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [{F547011A-F4A2-4823-9514-BFBC0F04DF47}] => (Allow) C:\Program Files (x86)\Firefly Studios\Stronghold Legends\StrongholdLegends.exe FirewallRules: [UDP Query User{1F14F8E7-EF0B-4C0D-A2DC-7D79E56FCD90}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [TCP Query User{843B521A-F575-49BB-A5E6-A8BAF3F39FDB}C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe] => (Allow) C:\program files (x86)\ubisoft\splinter cell pandora tomorrow\pandora.exe FirewallRules: [{0B44211B-1D40-4E7E-B060-6CA1F81528A3}] => (Allow) LPort=1900 FirewallRules: [{CE1660CA-ECA5-44DE-A94C-25D5ADC5A300}] => (Allow) LPort=2869 FirewallRules: [{E1FD84FD-A7D8-4832-9B25-FBFC9302E2EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2060FED0-2274-4EAA-BF88-879831BB9D71}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{35E64E04-DDCC-40A5-B7DF-DC924212030D}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{7A28D840-1BC8-4A6B-8A79-EFF25E28477E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{EDD83D34-D790-4F04-AF0B-12A09F8A5F6B}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{6C8D7433-1032-4924-92EE-E231B2C60069}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{080B0641-9913-418C-83AF-B418D6421F3E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{4A0EF7F6-2123-422C-9B03-E67434EC229A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [{863BA61A-4FEF-4D22-B6F7-2A6A445CD55D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Oddworld New n Tasty\NNT.exe FirewallRules: [TCP Query User{EE59E25E-E681-4F6D-AF72-AD2A1F391D43}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{F7147E30-BE04-4702-BB59-3CF913696D06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{7366368D-2C3F-4C0C-94C9-79291994E5EF}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{8A83C40E-4BAC-4B5E-A74D-221CCD63CF3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{B0603A95-9371-4DDE-873B-3E9B50060C5E}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [{0D170153-EA06-42AA-9A18-94CF56EC2C1D}] => (Allow) C:\Program Files (x86)\EA Games\Battlefield 2\BF2.exe FirewallRules: [TCP Query User{5F2D22DE-18CE-4B5B-A2A4-AE30C787FF0F}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [UDP Query User{042AC962-6FD7-4955-A24A-518DF58804BB}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe FirewallRules: [{82DD64BA-BE73-4A59-BC83-D0CBCAD11B33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{44407D7A-EA04-4913-90A4-F6270C3E8934}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D5E03025-EB0F-4A7C-BB33-A3F9DD115AE6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D9D485A7-E593-4F69-8763-71B6B32FA889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{18EBDBB0-6F97-4DBD-9FE2-E95D002547EA}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [UDP Query User{73446A00-A12F-4119-8470-7F8545100C5C}C:\program files (x86)\ea games\battlefield 2\bf2.exe] => (Allow) C:\program files (x86)\ea games\battlefield 2\bf2.exe FirewallRules: [{148BD9DE-CE7B-495B-808D-4493B12374BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{74E5C093-E8B3-43AF-B873-FF22E5D9C20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{83BA189A-2359-4DF2-9B85-4243C11527B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B3852A97-3C8C-4718-9B64-A8BDCA0A2E5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{75D3D7EE-8634-44FC-9B6D-398DBD05BDDC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [{55B707B7-0D91-4B83-BD64-3B43BC35E5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe FirewallRules: [TCP Query User{3FA714E6-27A8-4C83-A83D-3F14708C7522}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [UDP Query User{4B650623-F185-4E8F-B32C-923681610894}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe FirewallRules: [{3FB0EED4-4D83-4864-8256-1112E438528A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{5EBD8610-3469-4A9A-B763-93442B6B1E9B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 3 goty\FalloutLauncher.exe FirewallRules: [{10F8A69D-4A78-43DE-A010-A8D58C912584}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{CCC81A88-F96B-482F-A763-63A8BC4FBABD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Metal Gear Solid Ground Zeroes\MgsGroundZeroes.exe FirewallRules: [{04A68A81-678E-4E08-A891-118BF8A82A13}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5601EF96-3EE6-4AC2-8E5C-9B3C70F1E055}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{F900103E-5B80-4ECD-88B4-7F921E7982DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{03192198-3130-4974-96A8-59765F30ABE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{07E757A0-BEA6-4D39-BA47-1322E5A4F972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{AA00C280-76B2-4D38-A4EA-F40C474FE62D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [TCP Query User{80A3FF00-1CE5-40FA-BD74-CDF7B1FEE7A5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [UDP Query User{A24F1D35-3B16-4FC8-AE35-EFD7D74302B5}C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\ti-nspire computer link.exe FirewallRules: [TCP Query User{04AEA058-464E-45DC-9F12-93012201A387}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [UDP Query User{BE617A23-6191-4E1B-A1CE-EF5C38152015}C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe] => (Allow) C:\program files (x86)\ti education\ti-nspire computer link\jre\bin\java.exe FirewallRules: [TCP Query User{B5EF835B-497F-41DE-BC00-7BF39F3DBAB2}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{87D57B25-B389-4873-99F1-F1F4B56DB10E}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{009D5093-8B1A-47ED-B2D1-75DCD3A253AF}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{8B7F0374-A4DB-4F25-96A9-11C334A778A5}C:\users\andré\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\andré\appdata\roaming\spotify\spotify.exe FirewallRules: [{68241CF8-3F67-4606-9CD6-9B44629D1FA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{371DDF5E-863C-4B04-AA36-9BCA8957ABAF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B3852398-F898-4F6F-A736-001671E9D853}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2F46FAC5-39DA-48CB-87B7-2DB63DF9CC9B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{57EA8011-8988-497E-84D0-F9502DB2A1CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{11C55929-3DB5-4FFF-8D23-A6A63911510C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5A8CFE7B-899A-4490-BA84-3F58FA2E8F38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{0464378F-CD97-4216-A966-760782823490}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{35496E53-0B61-408F-8762-039BB5C1035C}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{2E6E8688-E1C8-47E6-B2D9-7E594F859EA7}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{9522C61C-0FA5-42CF-99A6-8796BC8ABBB3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{E25BCE61-2553-4378-B9C8-32AA3DE4414B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe FirewallRules: [{FABC240F-274B-47AC-858F-438E14DB95F9}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [TCP Query User{6A11780A-C673-4C25-B63A-2AC4A906E120}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [UDP Query User{FEBEFACE-4396-49C6-91E1-33AFCF378EB8}C:\songan's ttt server - kopie\srcds.exe] => (Allow) C:\songan's ttt server - kopie\srcds.exe FirewallRules: [{8E73AB31-C8AD-4F78-AEBF-565629D44666}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{2330A750-582C-4E3D-8E02-56F0FA5E1800}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{7A629A0A-1D85-462A-8131-C0F1A0FED8BB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{569AB28B-79DA-4152-98C7-8FC358FC16A2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{56C07A57-BFA5-470E-8B65-52E04CA6E40E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BDCC194D-ABA9-4892-B891-FCC35B720DD7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{55449DDA-7F51-4C61-8861-B3C700B4A81F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B2D89EFE-0FB9-4756-9144-21CFA0AA27BA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{44F22EFC-FB2D-4E4D-B1A1-3A9C31E2D3A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4B96DCC9-61BA-4747-8A57-9B0DEC5D083A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1274CD60-E8E4-469D-9A12-04443BFCBAF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F0065602-B604-471B-AF08-8447902B5DA3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{262C47AA-404B-48BA-8D26-F495E5069386}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{410F82CB-A332-4660-91D6-53EC5F42E57D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [{AFFB53C2-13B6-4304-A294-3BB329BD7A32}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TheCulling\TheCulling_Launcher.exe FirewallRules: [TCP Query User{5CC79050-2FF6-4A33-8DA8-E4C465A2A3DE}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [UDP Query User{4765706F-B3BB-43A0-B242-0A13CE229922}C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\theculling\victory\binaries\win64\victory.exe FirewallRules: [{637479C3-5E89-4FAC-8365-DDD65B257ED8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{EC6C7D2A-4B98-43D4-A98D-A5F23E492F17}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe FirewallRules: [{874A6590-5815-43EC-B566-7CBEB1912029}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{F6A32B85-6372-45E2-92B3-0AFC0691F1B7}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{99098603-601D-4775-9C3F-BEC0C8D673D8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{5B9E721E-7C91-4AFB-8D54-F23B323D8D38}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{3AF93217-33B9-474C-8F86-6DA2552DA48D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe FirewallRules: [{B0ACEF2B-4DBF-4D2D-81F2-89919DADDAE2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{2DADFF23-7A32-40C7-97D3-74EBF26FC353}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe FirewallRules: [{D904EB1D-3CF6-4D18-ABAD-152EC199EABB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{61D4255A-0725-4A20-86E9-A34E748B4F71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{9211B61F-6AB9-436E-AE60-FB5D52BFC6F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{34F5F4C6-599F-4D22-A403-1FEFEB04F774}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{E43876E3-8A49-45C9-A1BE-FD30D5F51304}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{7D629C6C-2852-4C13-AE7C-C6E7D0F14E6E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe FirewallRules: [{4E5CBD26-E8EA-4812-9703-902E1871A0D9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [{7040C603-3913-4BA6-BD1E-E937BD819C14}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rust\Rust.exe FirewallRules: [TCP Query User{4C1C0507-D001-4114-820D-F8D2A26F0901}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{559A0FF3-0735-4B3A-A8DC-D372E4F2896F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{4B42444C-39EC-4DE6-93C4-F37658C012D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{0EEDE53D-E7BD-4BFE-8190-8761E301FC43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{22E36B34-93CD-4B4F-A5FB-5AFFD7F9217C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{B9204EB4-20CE-4AA5-8A1A-9324E6806329}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\hotline_miami\HotlineMiami.exe FirewallRules: [{58307D7D-485E-456D-8D40-11B231A2D5F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{305A4E45-3FEB-4293-B381-B5077FD9A4ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Cosmic DJ\CosmicDJ.exe FirewallRules: [{9CF03B3A-02D5-46EC-847C-B86C6D0FD8C8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{832A744E-84A5-4E7D-96D3-870816E7DCF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Don't Starve Together\bin\dontstarve_steam.exe FirewallRules: [{4960FF1E-13FB-4F4A-8842-D66DD000EB40}] => (Allow) LPort=53000 FirewallRules: [{C4B68FC8-AB08-477B-A699-8C1096FB3B7C}] => (Allow) LPort=52000 ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/11/2016 02:59:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm FRST64(1).exe, Version 9.5.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c74 Startzeit: 01d1ab84b3f55f5e Endzeit: 4294967295 Anwendungspfad: C:\Users\André\Downloads\FRST64(1).exe Berichts-ID: 21af9b2c-1778-11e6-bf76-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 07:38:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.17.264, Zeitstempel: 0x56f29038 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.17.264, Zeitstempel: 0x56f28832 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000638b ID des fehlerhaften Prozesses: 0x78c Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avcenter.exe, Version: 15.0.17.264, Zeitstempel: 0x56f28f71 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x17a4 Startzeit der fehlerhaften Anwendung: 0xavcenter.exe0 Pfad der fehlerhaften Anwendung: avcenter.exe1 Pfad des fehlerhaften Moduls: avcenter.exe2 Berichtskennung: avcenter.exe3 Vollständiger Name des fehlerhaften Pakets: avcenter.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avcenter.exe5 Error: (05/10/2016 05:25:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: avscan.exe, Version: 15.0.16.276, Zeitstempel: 0x56c489d7 Name des fehlerhaften Moduls: AVSCPLR.DLL, Version: 15.0.16.280, Zeitstempel: 0x56c6e004 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000649b ID des fehlerhaften Prozesses: 0x790 Startzeit der fehlerhaften Anwendung: 0xavscan.exe0 Pfad der fehlerhaften Anwendung: avscan.exe1 Pfad des fehlerhaften Moduls: avscan.exe2 Berichtskennung: avscan.exe3 Vollständiger Name des fehlerhaften Pakets: avscan.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avscan.exe5 Error: (05/10/2016 04:15:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm soffice.bin, Version 4.0.0.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 134 Startzeit: 01d1aac5e6629c16 Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\LibreOffice 4.0\program\soffice.bin Berichts-ID: 905d7871-16b9-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/10/2016 03:54:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1c18 Startzeit: 01d1aac2ba88ef09 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe Berichts-ID: adf18511-16b6-11e6-bf73-b4b52fc7b10a Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App Error: (05/10/2016 03:32:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HPConnectedRemoteService.exe, Version: 1.0.1206.0, Zeitstempel: 0x503e3c5d Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x218c Startzeit der fehlerhaften Anwendung: 0xHPConnectedRemoteService.exe0 Pfad der fehlerhaften Anwendung: HPConnectedRemoteService.exe1 Pfad des fehlerhaften Moduls: HPConnectedRemoteService.exe2 Berichtskennung: HPConnectedRemoteService.exe3 Vollständiger Name des fehlerhaften Pakets: HPConnectedRemoteService.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: HPConnectedRemoteService.exe5 Error: (05/10/2016 03:32:03 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: HPConnectedRemoteService.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.Management.ManagementException bei System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus) bei System.Management.SinkForEventQuery.Cancel() bei System.Management.ManagementEventWatcher.Stop() bei HP.Seeker.ProcessMonitor.StopProcessWatchers() bei HP.Seeker.ProcessKeeperService.StopProcesMonitors() bei HP.Seeker.HPSeekerSwitchboard.StartUserService() bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Threading.ThreadHelper.ThreadStart() Error: (05/07/2016 12:48:42 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT) Description: There was an error with the Windows Location Provider database Error: (05/05/2016 07:39:07 PM) (Source: MsiInstaller) (EventID: 1002) (User: André-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Systemfehler: ============= Error: (05/11/2016 05:19:30 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:19:22 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:15:49 PM) (Source: Schannel) (EventID: 4102) (User: NT-AUTORITÄT) Description: Schwerwiegender Fehler beim Zugriff auf den privaten Schlüssel der Anmeldeinformationen Server für SSL. Der vom kryptografischen Modul zurückgegebene Fehlercode lautet 0x8009030d. Der interne Fehlerstatus ist 10001. Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Audio Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Digital Wave Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (05/11/2016 05:15:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2013-08-19 13:11:11.339 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Glary Utilities 3\ProcObsrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 8147.35 MB Verfügbarer physikalischer RAM: 5076.24 MB Summe virtueller Speicher: 12499.35 MB Verfügbarer virtueller Speicher: 8689.27 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:918.61 GB) (Free:91.64 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Recovery Image) (Fixed) (Total:10.98 GB) (Free:1.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (NVCDV243) (CDROM) (Total:1.18 GB) (Free:0 GB) CDFS Drive g: () (Removable) (Total:1.86 GB) (Free:0.32 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FE15288) Partition: GPT. ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 000A4BAE) Partition 1: (Active) - (Size=1.9 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ |
Themen zu Windows 8: Für mich unbekannter Trojaner von Avira gefunden |
.dll, adobe, antivir, avira, ccsetup, defender, desktop, dnsapi.dll, explorer, firefox, flash player, installation, mozilla, mp3, problem, prozesse, registry, rojaner gefunden, rundll, scan, services.exe, software, svchost.exe, system, teamspeak, trojaner, trojaner 'tr/crypt.epack.gen', virus, windows |