Log analysis and evaluation: Win7, pop-up problems in Chrome
18.09.2016, 18:41 | #1 |
Win7, pop-up problems in Chrome

For some time now, links leading to websites have not been highlighted, and pop-ups open in a new tab no matter where I click. After closing the newly opened tabs, everything works normally again. I am currently using Firefox as an alternative, and so far no problems have occurred there. Logs from FRST64, TDSSKiller and AdwCleaner are available, but because of their size I cannot post them all at once. I have also tried the Malwarebytes Anti-Rootkit software. The problem persists.

FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von Philip (Administrator) auf PHILIP-PC (18-09-2016 18:23:52)
Gestartet von C:\Users\Philip\Downloads
Geladene Profile: Philip (Verfügbare Profile: Philip)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.) 
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd) HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [Chromium] => c:\users\philip\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {95d9ec57-4cfd-11e5-b1dc-806e6f6e6963} - D:\LaunchU3.exe -a HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {b8943bd8-7869-11e6-b641-d05099767378} - D:\LaunchU3.exe -a ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{87A8199B-4AD4-4FD9-A2C6-CA68A6A8E5BF}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{B72FD6E1-AAB7-4E1B-AD18-2B2FFB6718F6}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{CBF9AD99-F54B-44A9-A1EC-3046EAC462C3}: [DhcpNameServer] 192.168.2.1 192.168.2.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4121084442-288992259-759938091-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll 
[2016-06-15] (Perfect World Entertainment Inc) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default FF Homepage: Google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Extension: (Avira Browser Safety) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\abs@avira.com [2016-09-17] FF Extension: (Firefox Hotfix) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17] FF Extension: (BetterTTV) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox@betterttv.net.xpi [2016-09-17] FF Extension: (Adblock Plus) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-17] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-19] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.de/ CHR StartupUrls: Default -> "hxxp://google.de/" CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2016-09-18] CHR Extension: (Google Präsentationen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11] CHR Extension: (BetterTTV) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11] CHR Extension: (Google Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11] CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11] CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11] CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-13] CHR Extension: (Google Tabellen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11] CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11] CHR Extension: (Mists of Pandaria) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgekjpcoanfekfacmkppcjkdlnpmnlac [2016-09-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11] CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11] CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-14] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG) S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-28] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2868736 2015-06-11] (Deutsche Telekom AG) [Datei ist nicht signiert] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3520872 2015-09-22] (INCA Internet Co., Ltd.) 
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-30] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-03-27] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] () R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [171752 2016-07-27] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145984 2016-07-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2016-04-04] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-04-04] (Avira Operations GmbH & Co. 
KG) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.) R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-18 18:23 - 2016-09-18 18:24 - 00019821 _____ C:\Users\Philip\Downloads\FRST.txt 2016-09-18 18:04 - 2016-09-18 18:04 - 00007089 _____ C:\Users\Philip\Desktop\AdwCleaner[C0].txt 2016-09-18 17:55 - 2016-09-18 18:01 - 00000000 ____D C:\AdwCleaner 2016-09-18 17:54 - 2016-09-18 17:55 - 03861056 _____ C:\Users\Philip\Downloads\AdwCleaner_6.020.exe 2016-09-18 17:10 - 2016-09-18 18:23 - 00000000 ____D C:\FRST 2016-09-18 17:06 - 2016-09-18 17:07 - 02399232 _____ (Farbar) C:\Users\Philip\Downloads\FRST64.exe 2016-09-18 16:39 - 2016-09-18 16:39 - 00003288 ____N C:\bootsqm.dat 2016-09-18 16:09 - 2016-09-18 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-09-18 16:09 - 2016-09-18 16:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-18 16:09 - 2016-09-18 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-18 16:08 - 2016-09-18 16:42 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-09-18 16:07 - 2016-09-18 16:08 - 16563352 _____ (Malwarebytes Corp.) 
C:\Users\Philip\Downloads\mbar-1.09.3.1001.exe 2016-09-18 16:07 - 2016-09-18 16:08 - 00000000 ____D C:\Users\Philip\Desktop\Malwarebytes 2016-09-18 14:06 - 2016-09-18 14:06 - 00000000 ____D C:\Users\Philip\AppData\Local\Macromedia 2016-09-18 13:53 - 2016-09-18 17:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-18 13:53 - 2016-09-18 13:53 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-09-18 13:53 - 2016-09-18 13:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-18 13:53 - 2016-09-18 13:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-18 13:53 - 2016-09-18 13:53 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-17 20:16 - 2016-09-17 20:24 - 00000000 ____D C:\Users\Philip\AppData\Local\Mozilla 2016-09-17 20:16 - 2016-09-17 20:16 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-09-17 20:16 - 2016-09-17 20:16 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-09-17 20:16 - 2016-09-17 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-17 20:15 - 2016-09-17 20:15 - 00242296 _____ C:\Users\Philip\Downloads\Firefox Setup Stub 48.0.2.exe 2016-09-17 05:10 - 2016-09-17 05:10 - 00001138 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-09-15 23:26 - 2016-09-15 23:26 - 00000674 _____ C:\Users\Philip\Desktop\Star Defender 4.lnk 2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Awem 2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com 2016-09-15 23:25 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\Desktop\Star Defender 4 2016-09-15 23:24 - 2016-09-15 23:25 - 13088376 _____ (GameTop Pte. Ltd. ) C:\Users\Philip\Downloads\Star-Defender4.exe 2016-09-15 11:02 - 2016-05-07 00:50 - 00044144 _____ (Razer, Inc.) 
C:\Windows\system32\Drivers\rzpmgrk.sys 2016-09-14 09:22 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-09-14 09:22 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-09-14 09:22 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-09-14 09:22 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-09-14 09:22 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-09-14 09:22 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-09-14 09:22 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-09-14 09:22 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-09-14 09:22 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-09-14 09:22 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-09-14 09:22 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-09-14 09:22 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-09-14 09:22 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2016-09-14 09:22 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-09-14 09:22 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-09-14 09:22 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-09-14 09:22 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-09-14 09:22 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript9diag.dll 2016-09-14 09:22 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-09-14 09:22 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-09-14 09:22 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-09-14 09:22 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-09-14 09:22 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-09-14 09:22 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-09-14 09:22 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-09-14 09:22 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-09-14 09:22 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-09-14 09:22 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-09-14 09:22 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-09-14 09:22 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-09-14 09:22 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-09-14 09:22 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-09-14 09:22 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-09-14 09:22 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-09-14 09:22 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-09-14 09:22 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) 
C:\Windows\system32\ieetwcollectorres.dll 2016-09-14 09:22 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-09-14 09:22 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-09-14 09:22 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-09-14 09:22 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-09-14 09:22 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-09-14 09:22 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-09-14 09:22 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-09-14 09:22 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-09-14 09:22 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-09-14 09:22 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-09-14 09:22 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-09-14 09:22 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-09-14 09:22 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-09-14 09:22 - 2016-09-01 01:51 - 00077824 _____ (Microsoft 
Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-09-14 09:22 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-09-14 09:22 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-09-14 09:22 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-09-14 09:22 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-09-14 09:22 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-09-14 09:22 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-09-14 09:22 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-09-14 09:22 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-09-14 09:22 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-09-14 09:22 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-09-14 09:22 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-09-14 09:22 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-09-14 09:22 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-09-14 09:22 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-09-14 09:22 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-09-14 09:22 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-09-14 09:22 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-09-14 09:21 - 2016-09-02 17:40 - 00631176 _____ 
(Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-09-14 09:21 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-09-14 09:21 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-09-14 09:21 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-09-14 09:21 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) 
C:\Windows\system32\advapi32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) 
C:\Windows\system32\ntvdm64.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntkrnlpa.exe 2016-09-14 09:21 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 
2016-09-14 09:21 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-09-14 09:21 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\appid.sys 2016-09-14 09:21 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-09-14 09:21 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-09-14 09:21 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-09-14 09:21 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-09-14 09:21 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-09-14 09:21 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-09-14 09:21 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-09-14 09:21 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-09-14 09:21 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-09-14 09:21 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-09-14 09:21 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2016-09-14 09:21 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-09-14 09:21 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-09-14 09:21 - 
2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-09-14 09:21 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-09-14 09:21 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-09-14 09:21 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-09-14 09:21 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-09-14 09:21 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-09-14 09:21 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-09-14 09:21 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-09-14 09:21 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-09-14 09:21 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2016-09-14 09:21 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-09-14 09:21 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll 2016-09-14 09:21 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-09-14 09:21 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) 
C:\Windows\system32\cryptsvc.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-09-13 20:02 - 2016-09-13 20:02 - 30533688 _____ C:\Users\Philip\Downloads\vlc-2.2.4-win32 (1).exe 2016-09-11 23:56 - 2016-09-17 02:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-11 23:56 - 2016-09-17 02:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-11 23:56 - 2016-09-12 00:14 - 00000000 ____D C:\Users\Philip\AppData\Local\chromium 2016-09-11 23:55 - 2016-09-18 18:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-11 23:55 - 2016-09-18 18:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-11 23:55 - 2016-09-12 00:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-11 23:55 - 2016-09-12 00:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-11 23:54 - 2016-09-18 18:01 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-11 15:29 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Real 2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\RealNetworks 2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\ProgramData\RealNetworks 2016-09-11 15:27 - 2016-09-11 15:29 - 00000000 ____D C:\ProgramData\Real 2016-09-11 15:26 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Real 2016-09-03 12:42 - 2016-01-12 06:40 - 00112032 _____ 
C:\Windows\system32\NvRtmpStreamer64.dll 2016-09-03 12:41 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-09-03 12:41 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-09-02 15:58 - 2016-09-12 18:25 - 00000000 ____D C:\Program Files (x86)\Winamp 2016-09-02 15:39 - 2016-09-02 15:39 - 00000000 ____D C:\Program Files\VB 2016-09-01 13:14 - 2016-09-01 13:14 - 00000000 ____D C:\ProgramData\Webitar Production Inc 2016-08-29 14:34 - 2016-08-29 21:21 - 00000000 ____D C:\Program Files (x86)\ClipboardManager 2016-08-29 14:34 - 2016-08-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipboardManager 2016-08-29 12:52 - 2016-08-29 12:52 - 00000000 ____D C:\ProgramData\UniqueId 2016-08-29 12:50 - 2016-09-03 09:55 - 00000000 ____D C:\ProgramData\WinZip 2016-08-27 09:24 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2016-08-27 09:23 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys 2016-08-27 08:57 - 2016-08-27 08:57 - 00000000 __SHD C:\found.000 2016-08-24 23:03 - 2016-09-01 21:16 - 00000000 ____D C:\Program Files\Unity 2016-08-23 12:28 - 2016-08-28 22:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TeamViewer 2016-08-23 11:40 - 2016-08-23 11:40 - 00000000 ____H C:\Users\Philip\Documents\Default.rdp 2016-08-22 21:29 - 2016-08-22 21:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2016-08-20 21:29 - 2016-08-30 16:04 - 00000000 ____D C:\Users\Philip\BrawlhallaReplays 2016-08-20 20:57 - 2016-08-20 20:57 - 00000000 ____D C:\Users\Philip\AppData\Roaming\BrawlhallaAir 2016-08-20 20:29 - 2016-08-20 20:29 - 00000222 _____ C:\Users\Philip\Desktop\Brawlhalla.url 2016-08-20 16:04 - 2016-08-20 16:05 - 00000171 _____ C:\Users\Philip\Desktop\Uranium Download Link - Lösch Link.txt ==================== Ein Monat: Geänderte Dateien 
und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-18 18:23 - 2016-06-12 11:47 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt 2016-09-18 18:10 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-09-18 18:10 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-09-18 18:02 - 2015-08-28 06:23 - 00000000 ____D C:\ProgramData\NVIDIA 2016-09-18 18:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-18 18:01 - 2015-08-27 22:56 - 00000997 _____ C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-09-18 17:12 - 2015-09-07 23:46 - 00000000 ____D C:\Users\Philip\Desktop\Tor Browser 2016-09-18 16:29 - 2015-08-29 14:58 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-18 16:28 - 2015-12-25 09:26 - 00000000 ____D C:\Windows\Minidump 2016-09-18 13:58 - 2015-09-04 11:52 - 00000000 ____D C:\Users\Philip\AppData\Local\Adobe 2016-09-18 13:53 - 2016-04-16 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-17 20:16 - 2015-12-14 19:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Mozilla 2016-09-17 05:10 - 2016-06-09 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-16 18:39 - 2015-08-27 23:38 - 00000000 ____D C:\Program Files (x86)\Steam 2016-09-15 23:09 - 2015-08-28 21:42 - 00000000 ____D C:\Users\Philip\AppData\Local\osu! 
2016-09-15 22:07 - 2015-08-28 23:01 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client 2016-09-14 23:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2016-09-14 22:49 - 2011-04-12 09:43 - 00661538 _____ C:\Windows\system32\perfh007.dat 2016-09-14 22:49 - 2011-04-12 09:43 - 00141550 _____ C:\Windows\system32\perfc007.dat 2016-09-14 22:49 - 2009-07-14 07:13 - 01528932 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-14 22:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2016-09-14 22:43 - 2009-07-14 06:45 - 00337704 _____ C:\Windows\system32\FNTCACHE.DAT 2016-09-14 22:41 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker 2016-09-14 22:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2016-09-14 20:36 - 2015-08-28 16:34 - 00000000 ____D C:\Windows\system32\MRT 2016-09-14 20:31 - 2015-08-28 16:34 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-09-13 20:08 - 2015-09-17 20:39 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc 2016-09-12 18:25 - 2016-07-20 15:09 - 00000000 ____D C:\Users\Philip\AppData\Local\Nox 2016-09-12 18:25 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip 2016-09-11 23:56 - 2015-08-27 23:03 - 00000000 ____D C:\Program Files (x86)\Google 2016-09-11 23:51 - 2016-06-09 15:33 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2016-09-11 23:49 - 2016-07-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer 2016-09-11 23:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2016-09-06 00:08 - 2016-07-20 15:12 - 00000000 ____D C:\Users\Philip\.android 2016-09-06 00:08 - 2016-07-20 15:11 - 00000000 ____D C:\Users\Philip\vmlogs 2016-09-04 21:04 - 2015-08-30 17:35 - 00000726 _____ C:\Users\Philip\Desktop\Neues Textdokument.txt 2016-09-03 12:42 - 2015-08-28 06:25 - 00000000 ____D C:\Users\Philip\AppData\Local\NVIDIA 2016-09-03 12:42 - 2015-08-28 06:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-09-01 13:37 - 
2015-11-23 20:39 - 00000000 ____D C:\Users\Philip\Documents\PCSX2 2016-09-01 13:15 - 2016-02-05 21:36 - 00001267 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk 2016-09-01 13:15 - 2015-11-30 21:59 - 00001177 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk 2016-08-30 11:54 - 2015-08-28 06:25 - 00000000 ____D C:\ProgramData\Origin 2016-08-30 11:54 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip\AppData\Local\VirtualStore 2016-08-30 11:08 - 2015-08-28 06:24 - 00000000 ____D C:\Program Files (x86)\Origin 2016-08-29 12:47 - 2015-11-23 20:45 - 00000000 ____D C:\Users\Philip\AppData\Local\Nico Mak Computing 2016-08-27 09:23 - 2016-07-20 19:04 - 00000000 ____D C:\Users\Philip\Desktop\Nox 2016-08-27 09:23 - 2016-07-20 15:10 - 00000000 ____D C:\Program Files\DIFX 2016-08-25 21:20 - 2016-06-16 11:31 - 00001491 _____ C:\Users\Philip\Desktop\Keys.txt 2016-08-25 16:13 - 2016-03-12 13:24 - 00002166 _____ C:\Users\Philip\Desktop\Discord.lnk 2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\discord 2016-08-25 16:13 - 2016-03-12 13:23 - 00000000 ____D C:\Users\Philip\AppData\Local\Discord 2016-08-20 18:34 - 2016-08-12 22:30 - 00000000 ____D C:\Users\Philip\Desktop\Pokemon Uranium 2016-08-19 18:14 - 2016-01-26 23:08 - 00000000 ____D C:\Users\Philip\Desktop\Sammelstelle 2016-08-19 13:02 - 2015-09-04 11:54 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-31 02:43 - 2016-07-05 20:41 - 0007631 _____ () C:\Users\Philip\AppData\Local\Resmon.ResmonCfg 2016-07-24 19:04 - 2016-07-24 19:04 - 0000016 _____ () C:\ProgramData\mntemp Einige Dateien in TEMP: ==================== C:\Users\Philip\AppData\Local\Temp\avgnt.exe C:\Users\Philip\AppData\Local\Temp\libeay32.dll 
C:\Users\Philip\AppData\Local\Temp\msvcr120.dll
C:\Users\Philip\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-15 00:06

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Philip (18-09-2016 18:24:27)
Gestartet von C:\Users\Philip\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-08-27 20:55:07)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4121084442-288992259-759938091-500 - Administrator - Disabled)
Gast (S-1-5-21-4121084442-288992259-759938091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121084442-288992259-759938091-1002 - Limited - Enabled)
Philip (S-1-5-21-4121084442-288992259-759938091-1000 - Administrator - Enabled) => C:\Users\Philip

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps) 7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal) Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version: - X-Legend) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. 
KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) Chatango Message Catcher (HKLM-x32\...\Chatango) (Version: - ) Cossacks: Back to War (HKLM\...\Steam App 4850) (Version: - GSC Game World) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Crystals of Time (HKLM\...\Steam App 306410) (Version: - RVL Games) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version: - Daedalic Entertainment) Discord (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC) Echo of Soul (HKLM\...\Steam App 290140) (Version: - Nvius) Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Fairy Fencer F (HKLM\...\Steam App 347830) (Version: - Idea Factory) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) 
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version: - Neople) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation) Life is Feudal: Your Own (HKLM\...\Steam App 290080) (Version: - Bitbox Ltd.) 
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version: - CyberConnect2 Co., Ltd.)
Netzmanager (Version: 1.201 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{15eb2f2d-51e3-4d74-861d-6ecb8d67a749}) (Version: latest - ppy Pty Ltd)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.19 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Riders of Icarus (HKLM\...\Steam App 442080) (Version: - WeMade)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
S4 League (HKLM-x32\...\S4 League) (Version: - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version: - Volition)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {17937C0B-6587-49B8-95E5-06B766B0A4AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {36CB3D2D-3938-4F3B-8935-151A98F0DB6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-18] (Adobe Systems Incorporated)
Task: {3D164FAE-063E-4F36-BCDC-F1288127F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)
Task: {71C82F22-CFFF-4034-BF7F-5DC785375BE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {90EA9818-4ACA-429F-BBF7-6BBF28724254} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Philip\Desktop\Sauerbraten.lnk -> C:\Program Files (x86)\Sauerbraten\sauerbraten.bat ()
ShortcutWithArgument: C:\Users\Philip\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Philip\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Dragon's Prophet.lnk -> C:\Program Files (x86)\Dragon's Prophet\launcher.exe () -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-28 06:23 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-03 12:42 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-27 21:19 - 2016-03-27 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-20 02:10 - 2016-07-20 02:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-24 19:54 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-08-28 06:23 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-29 10:09 - 2016-08-29 10:09 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-18 13:53 - 2016-09-18 13:53 - 19588800 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-09-14 22:43 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4121084442-288992259-759938091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chatango => C:\Program Files (x86)\Chatango\Chatango.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1FDFD353-DB95-424E-BD39-D1B3F3C51093}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB1882BA-AB47-469E-949C-AEA85B50E1EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38812632-1CDF-4714-8530-F439F89DDB46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{63AD4D90-F7DC-4FA9-B7C0-BEA545F5A186}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64830CE0-6278-4023-AEC0-F5EFBB732124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1017A8C-F000-42D2-8EDD-7CAA17A0E423}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AF8D9A9-EFD5-4DD4-9F0A-0EC07DFC3DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{46457780-E5CA-4021-81D8-9287C19C5A04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CBF8DA71-277A-49E4-B044-2B3511972661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DF69578B-EE38-4362-98ED-C6E57CCE0D4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2804E1B8-3FAC-4A2B-B4E3-05FEEE6EF4C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51898237-2680-4E2C-A0B0-6D4A3D70FE3B}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{FD622B8D-728F-4EA8-B985-8BEA5F6F4E49}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6FBFC44D-53A6-48C7-9273-A8944C5960E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{2EDB23A8-30E1-431D-B323-AED07DD0A273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1F384DCF-16EC-4C43-BF98-512BF4740D5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{46BA1C88-D8EC-45B6-BE35-83FE48EA5C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4D58504E-0BAC-423F-9B18-EFB06AD6657F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{46CD2CD8-5B0A-467B-BDA4-027588DB02DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0C40983F-0AB3-41A9-8468-EBF5974975CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{08EF928C-C2AB-44CF-9E01-BD0988077B03}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{4AEF111F-6B98-48DB-850D-53422EEB844E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E22EF4C-B998-4318-8762-574D04631EC2}] => (Block) %ProgramFiles%\TeamSpeak 3 Client\ts3client_win64.exe
FirewallRules: [{5222AA72-1D7A-4693-B7B1-674D18335852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{B56660D6-446F-4862-8A3B-332287DF6902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{092834C5-AD37-4F0B-8B3D-FBC6AA774FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{9BB8FAE7-2375-4518-9C6F-C558C67C3CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{13149D2F-96E1-4CD5-A5E0-927928D8A963}] => (Block) %USERPROFILE%\Desktop\Tor Browser\Browser\firefox.exe
FirewallRules: [{297DD556-E9E7-4290-8E42-C04DF04F4475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{64D432DC-CE90-445C-9F9A-50A98E57F6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{058B55BF-C53C-4AF2-9246-53E3D0FEE76C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{A86D820E-1BDC-4A18-9059-8FAAFBE83A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{B1034079-DB64-45D0-BFD3-BF2A41389460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9923AE53-9398-40EB-8A3A-75E51699DAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DA6066D9-65B4-42B7-BAE8-63F79ACD1F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{29F175BC-0902-4EC2-A1FD-411F189F42EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{F7BC919B-983C-4E8E-9C6A-949EC462DE45}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{1EFC927B-F015-4BC9-93B0-BFC28B1D7D63}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{0271708C-CD43-4261-A31B-B8C62DB47864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C1C6486E-85DD-472A-99D6-DDC0DF7C15B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{3C917DBB-0F72-464C-B9F8-E6DA706F84FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{DDB64B8D-F563-4579-A742-95ED72FA8935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{37448111-DE2F-4381-ADA9-A3C3E0FE94CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{6650B79B-5444-4516-9181-D67BEC1F8133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{39BB52BF-5799-4359-9966-001972D2A099}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{FACD69A7-E1AB-456E-B123-1CB0394A1023}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{CDFD58E3-EA29-4455-93A2-5E33F23CC069}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{FD73FD7A-7ADF-4229-AA9D-648046E83090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{BBB45A82-8728-42EF-853F-0D7A628A8EAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{08DD4417-CBC0-4147-AE09-867CEB793A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{B74D0C64-41C0-4484-8582-49D074DD0AEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{16748C60-8A6B-45B5-86F6-38F16737F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9DD8C337-D365-4CF0-AFFB-C4A2D7B09E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C043B48-6B70-4585-BC04-88402EEBDC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FD66B1C9-ACF9-43A6-A1CB-D402D4E121B1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{155C090C-9933-4F3C-8151-A711569DA30A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{0F27AAE6-8B32-4C12-8CF2-50B0AB0F81D4}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{38432C91-9C82-4C56-888C-B425FBC8F2C3}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{C1D7AB77-B398-4A75-B4FE-4DABDB899AF1}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{B2338360-B006-4876-9CB7-0CB0DBEEF69E}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{C30A60F7-8B0A-4733-A506-7C546EAF2724}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{664D32F4-272A-4F04-A7DC-4B93127850DB}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [{3CB58306-E6E1-42B9-A54A-DE9C14C6AC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B5DF0070-13D1-4C98-BAB8-72430B1821A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{E253C01D-20E4-4D4A-BC5C-212021361F87}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{49EB3DC4-487B-4DDE-B452-448324977598}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{0E26DC39-AA1A-4500-87A2-ED5B4D22E708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D53BEEEA-43F3-48E1-A4AF-D1F0CD71EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{959C5A7F-4650-4053-A8B0-87D638BA8F54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D63A9C68-F8B5-47A2-9B95-4879F8415371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{53C5812B-C3B7-4CB1-84C7-4F3FDA8FA81C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C6175968-2326-45AD-A00F-607E73116DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [TCP Query User{D480B061-EEEF-42AF-971B-215F96C61BD0}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{43E0CD6F-D012-48B9-A872-878C21E7A1A5}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E53283B4-9283-4232-B698-060DEE66535B}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7BE66241-3457-43F4-A115-882A0C49251C}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B10BE1A0-7233-4C30-91C2-E0509FDC1176}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{DC052E56-F66F-41E5-96B3-4FAB3CE27F0D}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{B849702B-6943-4A9C-BBB5-89AE278B77E2}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{69831827-B222-4171-BC3B-02D35102C8EC}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{1A960530-0255-4529-B6A2-38E0917F52CA}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EC653305-BA56-400C-B826-7FCEB205BE33}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D153DA44-AED3-4FAA-9315-6D2EF6A729F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{548D119A-4A78-46B7-B551-FEDA664C1088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{60463A6F-5D8D-40AE-AB6F-7CEDF778E310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{5617CE86-9C74-406F-9499-A774F4A163B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{24BBD3EB-E6C2-4DDC-9068-8D25BF7A1D32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{771B3473-B565-4DC3-885F-D6CD9188206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{50DA3916-B928-432C-B67A-B84349C6C46D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{330C87CD-47EA-42DB-8394-FEE2D096EA1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{6E22B5BC-3D25-4D42-84C5-891917FA340B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{8F16713B-7AAC-4830-BD6B-A4788CE7A1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{275D274B-16F8-4150-B82E-7AFE3044FAD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{A2D58140-8FEB-4BBD-8BDB-7588E797DEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{45BB9186-2699-45CD-893B-BB8B497B99BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3ECB58C9-691E-4ED5-8949-A659391D4404}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3BD4008-8F17-4064-85CF-9B433A0BFD8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8456E756-099A-4791-B073-7FA5C0E59B51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{1083B8C8-BA93-4ED9-999F-907AB98F6BD0}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{7B9FE7AE-AF7F-485E-B477-4BE13DCCBFA6}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{14E6410F-0C62-45D2-974E-CAF229AD3A34}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{992FB12E-5132-4BA9-9672-2ED7B6BA9428}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{7F696382-6BD1-4439-9B72-70D42C6FA7DB}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{1EA5DAC5-2AE0-4AFB-AC1D-4352614E92E3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{490E1FF4-50D6-48EB-A25C-6131B40C2FCD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1D4AFD8B-1441-4F08-B70D-38F34DEA94B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{2D26D25F-83CF-4ABF-86E9-3BB04347ECE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{384CA9E3-4DBE-4AD0-8639-143B377827E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{D0488983-66B6-4052-8FD5-885078CE26DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{73F7A57C-62BE-4569-BDEF-D4B5E46E60C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{92E7FB37-47B0-4C9C-8583-CC434B80C6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{7DA7C2AA-14FE-4E89-930B-F906B8E2C1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{EC3B2F4E-2379-4A33-B9AC-68CB7D30A0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{D0364108-4134-4818-AD56-EB33BFECBF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{ABF69EF0-EA0F-48F9-95E3-CA5FD2BCF4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{12EBA18D-8AF1-495F-83B0-E1072534BC3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{CF5BFCA0-4ED9-42D4-AE16-5D4A6BE2A046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{07064308-7E0B-41DD-AB98-C950E310A56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{DECFF5AE-B59B-48DE-8613-5BC637392645}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{37C5E968-1654-4C8E-935F-2002AA2245F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{83DC5781-9982-4BEA-B624-0DF580E58F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{031FCDBF-22BE-4297-B1C3-AADA265DD723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{C466B301-2373-43C3-9F4C-AD41D5AA2C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{5A647387-1AB8-4065-83FD-86DE2D39C366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{89F930C7-3F59-447A-A61C-F1D2550372E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F9DADF7D-D962-4B4D-8FA2-F3FAE02FCD7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{35B3915F-333E-4210-8A38-C4751C09081A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{8566A02C-FDA3-4DF9-BFE6-1E40FE8F1316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{4E26DFBA-5D32-44C7-9503-908DFB9B2452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{C18243DE-0AD3-44F0-BCBD-B80D4B9EDFDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{983BBAE4-F68D-4BA5-9F8B-8CE8C1812CF5}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{BB650065-1A41-4BC7-9A34-AEF38B6606BF}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{91073044-DCE5-4622-94C9-879C23F017C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{3F50690D-B5D0-47A1-87F0-DE5F9D958D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{FC7A729A-4D3F-4172-9FBC-169726F4B1F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{745B987A-736A-4076-B434-F10404F0E4C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B6C5C0F6-EEBF-41B3-97FE-2EE05006020F}] => (Allow) C:\Program Files
(x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{A860739D-2D99-4BA3-BA4B-E5DBD8544850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{08EAD17A-C8F1-4798-A830-8E96DED99B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{A2034420-0281-43F9-A373-E20EA192FE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{3F2B3038-57C9-4C89-B394-CBAC2D7709BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{B1A3DE32-7C31-48DA-85F3-E1153DE3E4FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{A412A5A9-FE31-4045-8598-450A4325A235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{F0193371-06B8-439D-B2AA-58D14957F260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{3112B373-708E-4763-9F4C-4D7422967D24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe FirewallRules: [{8E4B95C5-455D-4A89-8EA6-FD285B99AAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe FirewallRules: [{5C94A499-E44D-4961-BB6D-F53EE7A611AA}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{E64FAC19-35FF-4FB6-8F40-EBB3CECFA021}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{C1672358-8461-4805-98F2-9B47F3D3EEDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [{5B5B245A-374E-4BC9-842D-3829224875E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [TCP Query User{0CD3041E-3DDF-4082-A029-032908831161}C:\program files 
(x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe FirewallRules: [UDP Query User{75178641-3017-4414-89F6-0E84755E082D}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe FirewallRules: [TCP Query User{98EDC6B9-9EB7-4501-91A7-C6EDEAB94CDA}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [UDP Query User{A1E979F8-9097-4AF7-9459-2745D215331C}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [{D15278CA-DD5B-44F8-8F7C-417279107A0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{F5B10DF9-9E2B-4BD5-81E3-F5E363FA0F35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{6DC1F1E3-40D0-40BA-B83E-19A0C04582FB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{90FFB6C1-7126-4290-ACCD-C6E8343AE034}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [TCP Query User{C62204E2-9099-4D79-B9F9-E3DF89B59840}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe FirewallRules: [UDP Query User{0E9975A0-C91F-499D-9649-8F1F5FB767CB}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe FirewallRules: [{426A4A15-26C8-4B35-B493-166ED8E4BA53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is 
Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{67D0D46A-7DCF-42CD-A98F-CFBEAA151E2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{866B115F-E66B-4337-9E59-795F7F879025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{A82EC7E6-7F53-4ECE-AE00-67E4F3E93679}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [TCP Query User{06B197DA-27F1-4DBE-AA3E-2A5467988AD8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{DFFD2C83-1261-4E38-93BB-7BD961EB25FE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{2755F3AD-8713-47E9-8BED-16F68E1D9E8D}] => (Allow) C:\Users\Philip\Desktop\Nox\Nox\bin\Nox.exe FirewallRules: [{A499D3CE-6802-4E52-96EB-7614D9258704}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{072F56F3-75D6-4E61-B80D-9FF2F02803AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{A5B1ABAD-C66B-427D-9C90-1071ACE66497}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{83A374FA-0895-43B2-9BA6-4703B54C9FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [TCP Query User{13487E11-94CA-474E-9DBE-325B2E0B7ED4}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DC589DCA-5085-4450-9E40-5EE7AE571125}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe FirewallRules: [{3B22D71D-6120-487A-BE78-2AED19395886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 
2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C75FC7E7-B01F-49F2-8EAB-A422AA918652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D4CC247C-F13A-4A99-BECA-6957B4CC9DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{6480F938-5D6F-4D3B-9D20-FE23D914DF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{2D4E94A4-6A57-4294-8812-F43626BCC733}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BE0F92E8-52D2-425F-B4DF-8FDE7E9C4250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B2B7E2E3-4656-4616-A75A-E259214BF05D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 18-09-2016 16:26:29 Malwarebytes Anti-Rootkit Restore Point ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/18/2016 06:03:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/18/2016 06:03:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 04:41:00 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/18/2016 04:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (09/18/2016 04:29:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/14/2016 10:44:36 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/14/2016 10:44:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/12/2016 12:11:55 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (09/12/2016 12:11:33 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! Error: (09/12/2016 12:10:54 AM) (Source: Avira Antivirus) (EventID: 4117) (User: NT-AUTORITÄT) Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet! 
Systemfehler: ============= Error: (09/18/2016 06:03:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (09/18/2016 06:01:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "RzSurroundVADStreamingService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "RemoteMouseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/18/2016 06:00:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 8143.27 MB Verfügbarer physikalischer RAM: 4652.28 MB Summe virtueller Speicher: 16284.71 MB Verfügbarer virtueller Speicher: 12015.1 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.79 GB) (Free:1032.94 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
19.09.2016, 09:51 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems with Chrome Quote:
Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder. Even if the logs are too large for a single post, please post them directly, spread across several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ |
19.09.2016, 15:40 | #3 |
| Win7, pop-up problems with Chrome AdwCleaner[C0]
Code:
ATTFilter # AdwCleaner v6.020 - Bericht erstellt am 18/09/2016 um 18:01:23 # Aktualisiert am 14/09/2016 von ToolsLib # Datenbank : 2016-09-17.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (X64) # Benutzername : Philip - PHILIP-PC # Gestartet von : C:\Users\Philip\Downloads\AdwCleaner_6.020.exe # Modus: Löschen # Unterstützung : https://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner gelöscht: C:\Users\Philip\AppData\Local\DriverToolkit [-] Ordner gelöscht: C:\Users\Philip\AppData\Local\PackageAware [-] Ordner gelöscht: C:\Users\Philip\AppData\LocalLow\Browser-Security [-] Ordner gelöscht: C:\Users\Philip\AppData\Roaming\Browser-Security [-] Ordner gelöscht: C:\Program Files\ByteFence [-] Ordner gelöscht: C:\Program Files (x86)\DriverToolkit ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** [-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk [-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [-] Verknüpfung desinfiziert: C:\Users\Philip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E6E66045-E911-4C01-961D-42487CE12089} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-42487CE12089} [-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E6E66045-E911-4C01-961D-42487CE12089} [-] Schlüssel gelöscht: 
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E6E66045-E911-4C01-961D-42487CE12089} [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\DriverToolkit [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\PRODUCTSETUP [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\SecuredDownload [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\csastats [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\DriverToolkit [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\PRODUCTSETUP [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\SecuredDownload [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\csastats [#] Schlüssel mit Neustart gelöscht: HKCU\Software\DriverToolkit [#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP [#] Schlüssel mit Neustart gelöscht: HKCU\Software\SecuredDownload [#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browser-Security [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DriverToolkit [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SecuredDownload [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats [-] Daten wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten wiederhergestellt: 
HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Daten wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Schlüssel gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Daten wiederhergestellt: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} [-] Wert gelöscht: 
HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768] [-] Wert gelöscht: HKU\S-1-5-21-4121084442-288992259-759938091-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768] [#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768] [#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [safe_urls768] ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: Proxy Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [7332 Bytes] - [18/09/2016 18:01:23] C:\AdwCleaner\AdwCleaner[S0].txt - [8519 Bytes] - [18/09/2016 17:56:43] C:\AdwCleaner\AdwCleaner[S1].txt - [8592 Bytes] - [18/09/2016 17:59:43] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7551 Bytes] ########## Code:
ATTFilter 18:39:31.0117 0x11cc TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 18:39:31.0117 0x11cc UEFI system 18:39:36.0366 0x11cc ============================================================ 18:39:36.0366 0x11cc Current date / time: 2016/09/18 18:39:36.0366 18:39:36.0366 0x11cc SystemInfo: 18:39:36.0366 0x11cc 18:39:36.0366 0x11cc OS Version: 6.1.7601 ServicePack: 1.0 18:39:36.0366 0x11cc Product type: Workstation 18:39:36.0366 0x11cc ComputerName: PHILIP-PC 18:39:36.0366 0x11cc UserName: Philip 18:39:36.0366 0x11cc Windows directory: C:\Windows 18:39:36.0366 0x11cc System windows directory: C:\Windows 18:39:36.0366 0x11cc Running under WOW64 18:39:36.0366 0x11cc Processor architecture: Intel x64 18:39:36.0366 0x11cc Number of processors: 4 18:39:36.0366 0x11cc Page size: 0x1000 18:39:36.0366 0x11cc Boot type: Normal boot 18:39:36.0366 0x11cc CodeIntegrityOptions = 0x00000001 18:39:36.0366 0x11cc ============================================================ 18:39:38.0081 0x11cc KLMD registered as C:\Windows\system32\drivers\19412894.sys 18:39:38.0081 0x11cc KLMD ARK init status: drvProperties = 0x7FF00, osBuild = 7601.23539, osProperties = 0x1 18:39:38.0429 0x11cc System UUID: {A80C7592-4EF2-A18A-3F52-0592F103574E} 18:39:39.0056 0x11cc Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:39:39.0066 0x11cc ============================================================ 18:39:39.0066 0x11cc \Device\Harddisk0\DR0: 18:39:39.0066 0x11cc GPT partitions: 18:39:39.0067 0x11cc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4B4086E6-7604-4920-9D79-2B3370FE82AC}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 18:39:39.0067 0x11cc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CEAC66ED-7797-4F49-A693-703B49C1147E}, 
Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000 18:39:39.0067 0x11cc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {58D6C16B-09AF-462C-959D-BE17E7F8EC7E}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xE8D96000 18:39:39.0067 0x11cc MBR partitions: 18:39:39.0067 0x11cc ============================================================ 18:39:39.0084 0x11cc C: <-> \Device\Harddisk0\DR0\Partition3 18:39:39.0084 0x11cc ============================================================ 18:39:39.0084 0x11cc Initialize success 18:39:39.0084 0x11cc ============================================================ 18:40:03.0724 0x0a38 ============================================================ 18:40:03.0724 0x0a38 Scan started 18:40:03.0724 0x0a38 Mode: Manual; SigCheck; TDLFS; 18:40:03.0724 0x0a38 ============================================================ 18:40:03.0724 0x0a38 KSN ping started 18:40:03.0825 0x0a38 KSN ping finished: true 18:40:04.0971 0x0a38 ================ Scan system memory ======================== 18:40:04.0971 0x0a38 System memory - ok 18:40:04.0971 0x0a38 ================ Scan services =============================
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:40:06.0942 0x0a38 aspnet_state - ok 18:40:06.0955 0x0a38 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:40:06.0975 0x0a38 AsyncMac - ok 18:40:07.0012 0x0a38 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 18:40:07.0020 0x0a38 atapi - ok 18:40:07.0089 0x0a38 [ 36322190763845975E0D001E90687BF2, EA3DB2D112015CA5C744C5A84CDEFF6D02CE7D0E7E6E141AE3E527C2FAB5600E ] athur C:\Windows\system32\DRIVERS\athurx.sys 18:40:07.0125 0x0a38 athur - ok 18:40:07.0168 0x0a38 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:40:07.0188 0x0a38 AudioEndpointBuilder - ok 18:40:07.0200 0x0a38 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:40:07.0215 0x0a38 AudioSrv - ok 18:40:07.0264 0x0a38 [ E0304A40460FFFB14F3B067660518B9E, 68885E98ABBE72DC5EA9EEA30D1499B8E97E0963A0F19830C1F2D22689288AD4 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 18:40:07.0274 0x0a38 avgntflt - ok 18:40:07.0309 0x0a38 [ DBEFDCF8A5258A483B672EB9825E5F7F, B36CFC6FD723F43622EDB97157A0CA00494EF0C47D345DF7356B5C17B3D83513 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 18:40:07.0317 0x0a38 avipbb - ok 18:40:07.0389 0x0a38 [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 18:40:07.0402 0x0a38 Avira.ServiceHost - ok 18:40:07.0433 0x0a38 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 18:40:07.0439 0x0a38 avkmgr - 
ok 18:40:07.0470 0x0a38 [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 18:40:07.0482 0x0a38 avnetflt - ok 18:40:07.0515 0x0a38 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:40:07.0530 0x0a38 AxInstSV - ok 18:40:07.0565 0x0a38 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 18:40:07.0579 0x0a38 b06bdrv - ok 18:40:07.0591 0x0a38 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:40:07.0604 0x0a38 b57nd60a - ok 18:40:07.0608 0x0a38 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 18:40:07.0617 0x0a38 BDESVC - ok 18:40:07.0626 0x0a38 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 18:40:07.0650 0x0a38 Beep - ok 18:40:07.0729 0x0a38 [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 18:40:07.0756 0x0a38 BEService - ok 18:40:07.0813 0x0a38 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 18:40:07.0831 0x0a38 BFE - ok 18:40:07.0878 0x0a38 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 18:40:07.0925 0x0a38 BITS - ok 18:40:07.0947 0x0a38 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 
18:40:07.0954 0x0a38 blbdrive - ok 18:40:07.0988 0x0a38 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:40:07.0995 0x0a38 bowser - ok 18:40:08.0011 0x0a38 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:40:08.0022 0x0a38 BrFiltLo - ok 18:40:08.0032 0x0a38 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:40:08.0040 0x0a38 BrFiltUp - ok 18:40:08.0049 0x0a38 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 18:40:08.0059 0x0a38 Browser - ok 18:40:08.0077 0x0a38 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:40:08.0089 0x0a38 Brserid - ok 18:40:08.0098 0x0a38 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:40:08.0107 0x0a38 BrSerWdm - ok 18:40:08.0114 0x0a38 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:40:08.0124 0x0a38 BrUsbMdm - ok 18:40:08.0128 0x0a38 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:40:08.0136 0x0a38 BrUsbSer - ok 18:40:08.0146 0x0a38 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:40:08.0156 0x0a38 BTHMODEM - ok 18:40:08.0174 0x0a38 [ 95F9C2976059462CBBF227F7AAB10DE9, 
2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 18:40:08.0204 0x0a38 bthserv - ok 18:40:08.0225 0x0a38 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:40:08.0251 0x0a38 cdfs - ok 18:40:08.0278 0x0a38 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:40:08.0287 0x0a38 cdrom - ok 18:40:08.0293 0x0a38 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 18:40:08.0315 0x0a38 CertPropSvc - ok 18:40:08.0329 0x0a38 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 18:40:08.0339 0x0a38 circlass - ok 18:40:08.0380 0x0a38 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 18:40:08.0391 0x0a38 CLFS - ok 18:40:08.0453 0x0a38 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:40:08.0460 0x0a38 clr_optimization_v2.0.50727_32 - ok 18:40:08.0477 0x0a38 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:40:08.0484 0x0a38 clr_optimization_v2.0.50727_64 - ok 18:40:08.0578 0x0a38 [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:40:08.0586 0x0a38 clr_optimization_v4.0.30319_32 - ok 18:40:08.0614 0x0a38 [ 
1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:40:08.0622 0x0a38 clr_optimization_v4.0.30319_64 - ok 18:40:08.0628 0x0a38 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 18:40:08.0635 0x0a38 CmBatt - ok 18:40:08.0641 0x0a38 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:40:08.0646 0x0a38 cmdide - ok 18:40:08.0691 0x0a38 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys 18:40:08.0706 0x0a38 CNG - ok 18:40:08.0719 0x0a38 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 18:40:08.0725 0x0a38 Compbatt - ok 18:40:08.0734 0x0a38 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 18:40:08.0743 0x0a38 CompositeBus - ok 18:40:08.0754 0x0a38 COMSysApp - ok 18:40:08.0764 0x0a38 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:40:08.0771 0x0a38 crcdisk - ok 18:40:08.0809 0x0a38 [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:40:08.0820 0x0a38 CryptSvc - ok 18:40:08.0842 0x0a38 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 18:40:08.0858 0x0a38 CSC - ok 18:40:08.0906 0x0a38 [ 3AB183AB4D2C79DCF459CD2C1266B043, 
72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 18:40:08.0923 0x0a38 CscService - ok 18:40:08.0969 0x0a38 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll 18:40:08.0987 0x0a38 DcomLaunch - ok 18:40:09.0009 0x0a38 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:40:09.0038 0x0a38 defragsvc - ok 18:40:09.0044 0x0a38 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:40:09.0067 0x0a38 DfsC - ok 18:40:09.0083 0x0a38 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:40:09.0104 0x0a38 Dhcp - ok 18:40:09.0151 0x0a38 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 18:40:09.0180 0x0a38 DiagTrack - ok 18:40:09.0188 0x0a38 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:40:09.0210 0x0a38 discache - ok 18:40:09.0246 0x0a38 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys 18:40:09.0254 0x0a38 Disk - ok 18:40:09.0287 0x0a38 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 18:40:09.0294 0x0a38 dmvsc - ok 18:40:09.0315 0x0a38 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:40:09.0324 0x0a38 Dnscache - ok 18:40:09.0347 0x0a38 [ 
B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:40:09.0374 0x0a38 dot3svc - ok 18:40:09.0395 0x0a38 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 18:40:09.0419 0x0a38 DPS - ok 18:40:09.0457 0x0a38 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:40:09.0463 0x0a38 drmkaud - ok 18:40:09.0520 0x0a38 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:40:09.0541 0x0a38 DXGKrnl - ok 18:40:09.0553 0x0a38 EagleX64 - ok 18:40:09.0586 0x0a38 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:40:09.0609 0x0a38 EapHost - ok 18:40:09.0623 0x0a38 EasyAntiCheat - ok 18:40:09.0697 0x0a38 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:40:09.0756 0x0a38 ebdrv - ok 18:40:09.0790 0x0a38 [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] EFS C:\Windows\System32\lsass.exe 18:40:09.0803 0x0a38 EFS - ok 18:40:09.0824 0x0a38 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:40:09.0839 0x0a38 elxstor - ok 18:40:09.0865 0x0a38 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:40:09.0873 0x0a38 ErrDev - ok 18:40:09.0901 0x0a38 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem 
C:\Windows\system32\es.dll 18:40:09.0926 0x0a38 EventSystem - ok 18:40:09.0939 0x0a38 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:40:09.0962 0x0a38 exfat - ok 18:40:09.0975 0x0a38 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:40:10.0001 0x0a38 fastfat - ok 18:40:10.0019 0x0a38 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:40:10.0042 0x0a38 fdc - ok 18:40:10.0058 0x0a38 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:40:10.0088 0x0a38 fdPHost - ok 18:40:10.0096 0x0a38 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:40:10.0122 0x0a38 FDResPub - ok 18:40:10.0148 0x0a38 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:40:10.0155 0x0a38 FileInfo - ok 18:40:10.0163 0x0a38 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:40:10.0185 0x0a38 Filetrace - ok 18:40:10.0215 0x0a38 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:40:10.0223 0x0a38 flpydisk - ok 18:40:10.0237 0x0a38 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:40:10.0248 0x0a38 FltMgr - ok 18:40:10.0308 0x0a38 [ BCB16AE33AA58E0042F3EF34CFB6396A, 
E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 18:40:10.0332 0x0a38 FontCache - ok 18:40:10.0338 0x0a38 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:40:10.0344 0x0a38 FsDepends - ok 18:40:10.0397 0x0a38 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:40:10.0405 0x0a38 Fs_Rec - ok 18:40:10.0453 0x0a38 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:40:10.0463 0x0a38 fvevol - ok 18:40:10.0470 0x0a38 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:40:10.0477 0x0a38 gagp30kx - ok 18:40:10.0615 0x0a38 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 18:40:10.0639 0x0a38 GfExperienceService - ok 18:40:10.0701 0x0a38 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 18:40:10.0721 0x0a38 gpsvc - ok 18:40:10.0785 0x0a38 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:40:10.0793 0x0a38 gupdate - ok 18:40:10.0798 0x0a38 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:40:10.0806 0x0a38 gupdatem - ok 18:40:10.0813 0x0a38 [ F2523EF6460FC42405B12248338AB2F0, 
B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:40:10.0822 0x0a38 hcw85cir - ok 18:40:10.0847 0x0a38 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:40:10.0863 0x0a38 HdAudAddService - ok 18:40:10.0877 0x0a38 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:40:10.0887 0x0a38 HDAudBus - ok 18:40:10.0900 0x0a38 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:40:10.0907 0x0a38 HidBatt - ok 18:40:10.0919 0x0a38 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:40:10.0929 0x0a38 HidBth - ok 18:40:10.0947 0x0a38 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:40:10.0956 0x0a38 HidIr - ok 18:40:10.0990 0x0a38 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 18:40:11.0009 0x0a38 hidserv - ok 18:40:11.0080 0x0a38 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:40:11.0086 0x0a38 HidUsb - ok 18:40:11.0127 0x0a38 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:40:11.0150 0x0a38 hkmsvc - ok 18:40:11.0166 0x0a38 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:40:11.0175 0x0a38 HomeGroupListener 
- ok 18:40:11.0186 0x0a38 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:40:11.0196 0x0a38 HomeGroupProvider - ok 18:40:11.0206 0x0a38 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:40:11.0212 0x0a38 HpSAMD - ok 18:40:11.0259 0x0a38 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:40:11.0279 0x0a38 HTTP - ok 18:40:11.0304 0x0a38 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:40:11.0313 0x0a38 hwpolicy - ok 18:40:11.0326 0x0a38 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:40:11.0335 0x0a38 i8042prt - ok 18:40:11.0379 0x0a38 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:40:11.0391 0x0a38 iaStorV - ok 18:40:11.0398 0x0a38 IEEtwCollectorService - ok 18:40:11.0407 0x0a38 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:40:11.0413 0x0a38 iirsp - ok 18:40:11.0459 0x0a38 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 18:40:11.0481 0x0a38 IKEEXT - ok 18:40:11.0511 0x0a38 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 18:40:11.0519 0x0a38 intelide - ok 18:40:11.0534 0x0a38 [ ADA036632C664CAA754079041CF1F8C1, 
F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:40:11.0542 0x0a38 intelppm - ok 18:40:11.0572 0x0a38 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:40:11.0593 0x0a38 IPBusEnum - ok 18:40:11.0605 0x0a38 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:40:11.0630 0x0a38 IpFilterDriver - ok 18:40:11.0678 0x0a38 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:40:11.0694 0x0a38 iphlpsvc - ok 18:40:11.0710 0x0a38 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:40:11.0718 0x0a38 IPMIDRV - ok 18:40:11.0732 0x0a38 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:40:11.0752 0x0a38 IPNAT - ok 18:40:11.0767 0x0a38 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:40:11.0782 0x0a38 IRENUM - ok 18:40:11.0795 0x0a38 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:40:11.0801 0x0a38 isapnp - ok 18:40:11.0843 0x0a38 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:40:11.0852 0x0a38 iScsiPrt - ok 18:40:11.0860 0x0a38 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:40:11.0866 0x0a38 
kbdclass - ok 18:40:11.0876 0x0a38 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:40:11.0883 0x0a38 kbdhid - ok 18:40:11.0890 0x0a38 [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] KeyIso C:\Windows\system32\lsass.exe 18:40:11.0899 0x0a38 KeyIso - ok 18:40:11.0932 0x0a38 [ EB7BB4F58971F4FE099B3CE127346563, 6CE7BF43B5775ABF954508B4B02E441C169990FDFDF35FFE3137C85C1231695B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:40:11.0941 0x0a38 KSecDD - ok 18:40:11.0976 0x0a38 [ 6EBBA531A455E8F1092FD530A8682A97, 658F9ACADD422A2F1D48120FB4FCBB2E8F0CF245C07D439A2611878E82C61A01 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:40:11.0984 0x0a38 KSecPkg - ok 18:40:11.0997 0x0a38 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:40:12.0019 0x0a38 ksthunk - ok 18:40:12.0048 0x0a38 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:40:12.0076 0x0a38 KtmRm - ok 18:40:12.0113 0x0a38 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:40:12.0137 0x0a38 LanmanServer - ok 18:40:12.0149 0x0a38 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:40:12.0173 0x0a38 LanmanWorkstation - ok 18:40:12.0190 0x0a38 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:40:12.0210 0x0a38 lltdio - ok 18:40:12.0231 0x0a38 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc 
18:40:14.0256 0x0a38 Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
18:40:14.0461 0x0a38 Detect skipped due to KSN trusted
18:40:14.0462 0x0a38 Netzmanager Service - ok
18:40:18.0188 0x0a38 RemoteMouseService - detected UnsignedFile.Multi.Generic ( 1 )
18:40:18.0380 0x0a38 Detect skipped due to KSN trusted
18:40:18.0380 0x0a38 RemoteMouseService - ok
18:40:19.0256 0x0a38 RzSurroundVADStreamingService - detected UnsignedFile.Multi.Generic ( 1 )
18:40:19.0655 0x0a38 Detect skipped due to KSN trusted
18:40:19.0656 0x0a38 RzSurroundVADStreamingService - ok
D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:40:22.0575 0x0a38 udfs - ok 18:40:22.0596 0x0a38 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:40:22.0604 0x0a38 UI0Detect - ok 18:40:22.0619 0x0a38 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:40:22.0626 0x0a38 uliagpkx - ok 18:40:22.0642 0x0a38 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:40:22.0649 0x0a38 umbus - ok 18:40:22.0661 0x0a38 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 18:40:22.0669 0x0a38 UmPass - ok 18:40:22.0693 0x0a38 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 18:40:22.0707 0x0a38 UmRdpService - ok 18:40:22.0721 0x0a38 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 18:40:22.0749 0x0a38 upnphost - ok 18:40:22.0792 0x0a38 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:40:22.0801 0x0a38 usbaudio - ok 18:40:22.0832 0x0a38 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:40:22.0841 0x0a38 usbccgp - ok 18:40:22.0877 0x0a38 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:40:22.0885 0x0a38 usbcir - ok 18:40:22.0899 
0x0a38 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 18:40:22.0908 0x0a38 usbehci - ok 18:40:22.0921 0x0a38 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:40:22.0932 0x0a38 usbhub - ok 18:40:22.0943 0x0a38 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:40:22.0951 0x0a38 usbohci - ok 18:40:22.0957 0x0a38 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 18:40:22.0966 0x0a38 usbprint - ok 18:40:22.0999 0x0a38 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:40:23.0007 0x0a38 USBSTOR - ok 18:40:23.0021 0x0a38 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:40:23.0031 0x0a38 usbuhci - ok 18:40:23.0066 0x0a38 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 18:40:23.0092 0x0a38 UxSms - ok 18:40:23.0096 0x0a38 [ 07932D7BA536B0BB58306A156A9AFC31, 315AA4503A9C69E476D796C8DC6D4800A623B942C8707A15A94A892E94D123D9 ] VaultSvc C:\Windows\system32\lsass.exe 18:40:23.0104 0x0a38 VaultSvc - ok 18:40:23.0121 0x0a38 VBAudioVACMME - ok 18:40:23.0165 0x0a38 [ 0E3C4F20B2CE21168F3242D9CAC6CBF2, 1BD5E1A2000EBC1C335A8960ACDCD08BDC8230F533A80D086D2EE6FE4990EA02 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 18:40:23.0175 0x0a38 VBoxUSBMon - ok 18:40:23.0181 0x0a38 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot 
C:\Windows\system32\drivers\vdrvroot.sys 18:40:23.0188 0x0a38 vdrvroot - ok 18:40:23.0210 0x0a38 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 18:40:23.0239 0x0a38 vds - ok 18:40:23.0253 0x0a38 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:40:23.0261 0x0a38 vga - ok 18:40:23.0272 0x0a38 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:40:23.0298 0x0a38 VgaSave - ok 18:40:23.0314 0x0a38 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:40:23.0323 0x0a38 vhdmp - ok 18:40:23.0363 0x0a38 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 18:40:23.0369 0x0a38 viaide - ok 18:40:23.0396 0x0a38 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 18:40:23.0405 0x0a38 vmbus - ok 18:40:23.0419 0x0a38 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 18:40:23.0426 0x0a38 VMBusHID - ok 18:40:23.0444 0x0a38 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:40:23.0452 0x0a38 volmgr - ok 18:40:23.0461 0x0a38 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:40:23.0472 0x0a38 volmgrx - ok 18:40:23.0489 0x0a38 [ 0D08D2F3B3FF84E433346669B5E0F639, 
3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:40:23.0501 0x0a38 volsnap - ok 18:40:23.0518 0x0a38 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:40:23.0526 0x0a38 vsmraid - ok 18:40:23.0562 0x0a38 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 18:40:23.0605 0x0a38 VSS - ok 18:40:23.0618 0x0a38 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:40:23.0629 0x0a38 vwifibus - ok 18:40:23.0648 0x0a38 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:40:23.0658 0x0a38 vwififlt - ok 18:40:23.0676 0x0a38 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:40:23.0685 0x0a38 vwifimp - ok 18:40:23.0702 0x0a38 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 18:40:23.0728 0x0a38 W32Time - ok 18:40:23.0740 0x0a38 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:40:23.0748 0x0a38 WacomPen - ok 18:40:23.0765 0x0a38 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:40:23.0788 0x0a38 WANARP - ok 18:40:23.0793 0x0a38 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:40:23.0814 0x0a38 Wanarpv6 - ok 18:40:23.0848 
0x0a38 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 18:40:23.0883 0x0a38 wbengine - ok 18:40:23.0896 0x0a38 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:40:23.0914 0x0a38 WbioSrvc - ok 18:40:23.0933 0x0a38 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:40:23.0949 0x0a38 wcncsvc - ok 18:40:23.0955 0x0a38 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:40:23.0965 0x0a38 WcsPlugInService - ok 18:40:23.0971 0x0a38 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 18:40:23.0977 0x0a38 Wd - ok 18:40:24.0018 0x0a38 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:40:24.0039 0x0a38 Wdf01000 - ok 18:40:24.0068 0x0a38 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:40:24.0079 0x0a38 WdiServiceHost - ok 18:40:24.0084 0x0a38 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:40:24.0092 0x0a38 WdiSystemHost - ok 18:40:24.0126 0x0a38 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 18:40:24.0137 0x0a38 WebClient - ok 18:40:24.0150 0x0a38 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 
18:40:24.0180 0x0a38 Wecsvc - ok 18:40:24.0188 0x0a38 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:40:24.0218 0x0a38 wercplsupport - ok 18:40:24.0234 0x0a38 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:40:24.0264 0x0a38 WerSvc - ok 18:40:24.0275 0x0a38 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:40:24.0300 0x0a38 WfpLwf - ok 18:40:24.0321 0x0a38 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:40:24.0327 0x0a38 WIMMount - ok 18:40:24.0336 0x0a38 WinDefend - ok 18:40:24.0350 0x0a38 WinHttpAutoProxySvc - ok 18:40:24.0407 0x0a38 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:40:24.0435 0x0a38 Winmgmt - ok 18:40:24.0498 0x0a38 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 18:40:24.0536 0x0a38 WinRM - ok 18:40:24.0577 0x0a38 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:40:24.0588 0x0a38 WinUsb - ok 18:40:24.0612 0x0a38 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:40:24.0639 0x0a38 Wlansvc - ok 18:40:24.0653 0x0a38 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:40:24.0662 0x0a38 WmiAcpi - ok 18:40:24.0682 0x0a38 [ 38B84C94C5A8AF291ADFEA478AE54F93, 
1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:40:24.0693 0x0a38 wmiApSrv - ok 18:40:24.0705 0x0a38 WMPNetworkSvc - ok 18:40:24.0718 0x0a38 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:40:24.0725 0x0a38 WPCSvc - ok 18:40:24.0739 0x0a38 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:40:24.0750 0x0a38 WPDBusEnum - ok 18:40:24.0765 0x0a38 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:40:24.0793 0x0a38 ws2ifsl - ok 18:40:24.0801 0x0a38 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 18:40:24.0812 0x0a38 wscsvc - ok 18:40:24.0814 0x0a38 WSearch - ok 18:40:24.0895 0x0a38 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll 18:40:24.0954 0x0a38 wuauserv - ok 18:40:24.0988 0x0a38 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:40:24.0998 0x0a38 WudfPf - ok 18:40:25.0019 0x0a38 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:40:25.0030 0x0a38 WUDFRd - ok 18:40:25.0044 0x0a38 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:40:25.0052 0x0a38 wudfsvc - ok 18:40:25.0087 0x0a38 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 
18:40:25.0098 0x0a38 WwanSvc - ok
18:40:25.0108 0x0a38 xhunter1 - ok
18:40:25.0137 0x0a38 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
18:40:25.0144 0x0a38 xusb21 - ok
18:40:25.0158 0x0a38 ================ Scan global ===============================
18:40:25.0186 0x0a38 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:40:25.0247 0x0a38 [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:40:25.0258 0x0a38 [ B96D67F1BF78F1005B9D77EA7889F2B8, CD4A75C306E5B2A0898849DC8700548AE2771F6D3618ACB2E8A1A1DB04224B49 ] C:\Windows\system32\winsrv.dll
18:40:25.0297 0x0a38 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:40:25.0313 0x0a38 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:40:25.0318 0x0a38 [ Global ] - ok
18:40:25.0318 0x0a38 ================ Scan MBR ==================================
18:40:25.0329 0x0a38 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:40:25.0455 0x0a38 \Device\Harddisk0\DR0 - ok
18:40:25.0455 0x0a38 ================ Scan VBR ==================================
18:40:25.0475 0x0a38 [ 1C4185BEECE1EF06B0FB26070D32C511 ] \Device\Harddisk0\DR0\Partition1
18:40:25.0476 0x0a38 \Device\Harddisk0\DR0\Partition1 - ok
18:40:25.0486 0x0a38 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
18:40:25.0486 0x0a38 \Device\Harddisk0\DR0\Partition2 - ok
18:40:25.0495 0x0a38 [ 6BB777D5BC757C0F01C60F8672BDEE93 ] \Device\Harddisk0\DR0\Partition3
18:40:25.0497 0x0a38 \Device\Harddisk0\DR0\Partition3 - ok
18:40:25.0497 0x0a38 ================ Scan generic autorun ======================
18:40:25.0624 0x0a38 [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:40:25.0638 0x0a38 AdobeAAMUpdater-1.0 - ok
18:40:25.0743 0x0a38 [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:40:25.0817 0x0a38 NvBackend - ok
18:40:25.0839 0x0a38 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:40:25.0847 0x0a38 ShadowPlay - ok
18:40:25.0939 0x0a38 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:40:25.0947 0x0a38 Avira SystrayStartTrigger - ok
18:40:26.0002 0x0a38 [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
18:40:26.0020 0x0a38 avgnt - ok
18:40:26.0021 0x0a38 Sidebar - ok
18:40:26.0041 0x0a38 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:40:26.0073 0x0a38 mctadmin - ok
18:40:26.0074 0x0a38 Sidebar - ok
18:40:26.0079 0x0a38 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:40:26.0096 0x0a38 mctadmin - ok
18:40:26.0314 0x0a38 [ 63405C389EB81881D68AEEB0E05F3F7D, BBE8D64C600A6FCA4BF4B89EF39B551DEB8ED826C33FD6FB2C7E2F7D773AB0E2 ] C:\Program Files\CCleaner\CCleaner64.exe
18:40:26.0509 0x0a38 CCleaner Monitoring - ok
18:40:26.0608 0x0a38 [ 562A46474509A0F52C5035727207FD40, 47769A2738B11C2A6D459663249BD9CD79ACF4E1178768F1DF5ADEA11B3079E0 ] c:\users\philip\appdata\local\chromium\application\chrome.exe
18:40:26.0627 0x0a38 Chromium - detected UnsignedFile.Multi.Generic ( 1 )
18:40:26.0936 0x0a38 Chromium ( UnsignedFile.Multi.Generic ) - warning
18:40:26.0936 0x0a38 Force sending object to P2P due to detect: c:\users\philip\appdata\local\chromium\application\chrome.exe
18:40:27.0240 0x0a38 Object send P2P result: true
18:40:27.0386 0x0a38 Waiting for KSN requests completion. In queue: 87
18:40:28.0429 0x0a38 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated )
18:40:28.0431 0x0a38 Win FW state via NFP2: enabled ( trusted )
18:40:31.0623 0x0a38 ============================================================
18:40:31.0623 0x0a38 Scan finished
18:40:31.0623 0x0a38 ============================================================
18:40:31.0629 0x1858 Detected object count: 1
18:40:31.0629 0x1858 Actual detected object count: 1
18:40:47.0363 0x1858 Chromium ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:47.0363 0x1858 Chromium ( UnsignedFile.Multi.Generic ) - User select action: Skip

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2016.09.18.03 rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18449
Philip :: PHILIP-PC [administrator]

18.09.2016 16:09:40
mbar-log-2016-09-18 (16-09-40).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 308518
Time elapsed: 16 minute(s), 35 second(s)

Memory Processes Detected: 1
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (Trojan.Dropper) -> 2096 -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rtop (Trojan.Dropper) -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Registry Values Detected: 2
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES| (Hijack.AutoConfigURL.PrxySvrRST) -> Data: 0hxxp://stoppblock.biz/wpad.dat?6ba80ce219a0b44a6786c68f59bafa6215506628 -> Delete on reboot. [f2a98be827734ceac8dce9ca2adab34d]
HKU\S-1-5-21-4121084442-288992259-759938091-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl (Hijack.AutoConfigURL.PrxySvrRST) -> Data: hxxp://stoppblock.biz/wpad.dat?6ba80ce219a0b44a6786c68f59bafa6215506628 -> Delete on reboot. [1e7db9ba7426c670d3d204afc63e7d83]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (Trojan.Dropper) -> Delete on reboot. [306be291a0fa82b4ed1a905b758fde22]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version: main: v2016.09.18.03 rootkit: v2016.08.15.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18449
Philip :: PHILIP-PC [administrator]

18.09.2016 16:43:11
mbar-log-2016-09-18 (16-43-11).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 307640
Time elapsed: 17 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
19.09.2016, 19:30 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome Please uninstall Avira. We have not recommended it for years, for several reasons. One reason is a relatively high false-positive rate; the second main reason is that they still cooperate with ASK (the Avira search function goes through ASK). Other freeware vendors such as AVG, Avast or Panda also jumped on this bandwagon; that kind of thing is simply unacceptable for security software. Cf. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Let me know when Avira is gone; once we are done here, you can switch to another virus scanner, details will follow in the final post. Please do NOT install anything else NOW without checking with us first!
__________________ Please always post log files in CODE tags |
19.09.2016, 20:26 | #5 |
| Win7, pop-up problems in Chrome Avira is now uninstalled |
20.09.2016, 08:45 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome Good, then on to JRT. Please shut down your protection software to avoid possible conflicts.
__________________ --> Win7, pop-up problems in Chrome |
20.09.2016, 10:40 | #7 |
| Win7, pop-up problems in Chrome Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Professional x64
Ran by Philip (Administrator) on 20.09.2016 at 11:37:40,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 51

Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\Philip\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\nico mak computing (Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYNBJ5Z (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\616B2EIR (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BGKP0DW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M01D2CL (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A86MTNDT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BU32VV8S (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGQ2LMGA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET3JX4N4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSVOI9R0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAUYADBT (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P04HB3ZP (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PPFKTDGC (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGIZZ65M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QLRTGR8I (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R81DMQY2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGN3XEU (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWMWG3FQ (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAK4800V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8CJX0S4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOK89Q9F (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BYNBJ5Z (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\616B2EIR (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6BGKP0DW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9M01D2CL (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A86MTNDT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BU32VV8S (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CGQ2LMGA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ET3JX4N4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HSVOI9R0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JAUYADBT (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P04HB3ZP (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PPFKTDGC (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QGIZZ65M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QLRTGR8I (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R81DMQY2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\REGN3XEU (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWMWG3FQ (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XAK4800V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y8CJX0S4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YOK89Q9F (Temporary Internet Files Folder)

Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2016 at 11:39:47,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
20.09.2016, 10:48 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome Then show us fresh FRST logs. Tick the box for addition.txt, then click Scan (Untersuchen).
__________________ Please always post log files in CODE tags |
20.09.2016, 10:51 | #9 |
| Win7, pop-up problems in Chrome FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2016 durchgeführt von Philip (Administrator) auf PHILIP-PC (20-09-2016 11:50:27) Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs Geladene Profile: Philip (Verfügbare Profile: Philip) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe (A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA 
Corporation\Update Core\NvBackend.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-08-22] (Razer Inc.) 
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd) HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Run: [Chromium] => c:\users\philip\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {95d9ec57-4cfd-11e5-b1dc-806e6f6e6963} - D:\LaunchU3.exe -a HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\MountPoints2: {b8943bd8-7869-11e6-b641-d05099767378} - D:\LaunchU3.exe -a ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{87A8199B-4AD4-4FD9-A2C6-CA68A6A8E5BF}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{B72FD6E1-AAB7-4E1B-AD18-2B2FFB6718F6}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{CBF9AD99-F54B-44A9-A1EC-3046EAC462C3}: [DhcpNameServer] 192.168.2.1 192.168.2.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-4121084442-288992259-759938091-1000\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4121084442-288992259-759938091-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-21] (Oracle Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-21] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Arc\Plugins\ArcPluginIE.dll [2016-06-15] (Perfect World Entertainment Inc) BHO-x32: Adobe Acrobat Create PDF 
Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab FireFox: ======== FF ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default FF Homepage: Google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-18] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) 
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-21] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-18] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-10-28] (DivX, LLC) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Arc\Plugins\npArcPluginFF.dll [2016-06-15] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-09-12] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems) FF Extension: (Firefox Hotfix) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-17] FF Extension: (BetterTTV) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\firefox@betterttv.net.xpi [2016-09-17] FF Extension: (Adblock Plus) - C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\YdSozOTI.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-09-17] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-19] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.de/ CHR StartupUrls: Default -> "hxxp://google.de/" CHR Profile: C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default [2016-09-20] CHR Extension: (Google Präsentationen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-11] CHR Extension: (BetterTTV) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2016-09-11] CHR Extension: (Google Docs) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-11] CHR Extension: (Google Drive) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-11] CHR Extension: (YouTube) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-11] CHR Extension: (Adblock Plus) - C:\Users\Philip\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-09-13] CHR Extension: (Google Tabellen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-11] CHR Extension: (Google Docs Offline) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-11] CHR Extension: (Mists of Pandaria) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgekjpcoanfekfacmkppcjkdlnpmnlac [2016-09-11] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-11] CHR Extension: (Google Mail) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-11] CHR Extension: (Chrome Media Router) - C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-14] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated) S3 ArcService; C:\Program Files (x86)\Arc\ArcService.exe [88024 2016-06-15] (Perfect World Entertainment Inc) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-02] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [249104 2016-06-28] (EasyAntiCheat Ltd) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2868736 2015-06-11] (Deutsche Telekom AG) [Datei ist nicht signiert] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3520872 2015-09-22] (INCA Internet Co., Ltd.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-08-30] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2016-03-27] () R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-07-20] () R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [Datei ist nicht signiert] R2 RzSurroundVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4255232 2016-02-15] (A-Volute) [Datei ist nicht signiert] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== 
Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) S3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider) R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-05-07] (Razer, Inc.) R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [136312 2016-06-27] (Razer, Inc.) R3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-20 11:42 - 2016-09-20 11:50 - 00000000 ____D C:\Users\Philip\Downloads\Cleantools und Logs 2016-09-18 18:39 - 2016-09-18 18:44 - 00202712 _____ C:\TDSSKiller.3.1.0.11_18.09.2016_18.39.31_log.txt 2016-09-18 17:55 - 2016-09-18 18:01 - 00000000 ____D C:\AdwCleaner 2016-09-18 17:10 - 2016-09-20 11:50 - 00000000 ____D C:\FRST 2016-09-18 16:39 - 2016-09-18 16:39 - 00003288 ____N C:\bootsqm.dat 2016-09-18 16:09 - 2016-09-18 17:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-09-18 16:09 - 2016-09-18 16:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-18 16:09 - 2016-09-18 16:09 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-09-18 16:08 - 2016-09-18 16:42 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-09-18 14:06 - 2016-09-18 14:06 - 00000000 ____D C:\Users\Philip\AppData\Local\Macromedia 2016-09-18 13:53 - 2016-09-20 11:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-18 13:53 - 2016-09-18 13:53 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-09-18 13:53 - 2016-09-18 13:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-09-18 13:53 - 2016-09-18 13:53 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-18 13:53 - 2016-09-18 13:53 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-17 20:16 - 2016-09-17 20:24 - 00000000 ____D C:\Users\Philip\AppData\Local\Mozilla 2016-09-17 20:16 - 2016-09-17 20:16 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-09-17 20:16 - 2016-09-17 20:16 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-09-17 20:16 - 2016-09-17 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-09-17 20:15 - 2016-09-17 20:15 - 00242296 _____ C:\Users\Philip\Downloads\Firefox Setup Stub 48.0.2.exe 2016-09-15 23:26 - 2016-09-15 23:26 - 
00000674 _____ C:\Users\Philip\Desktop\Star Defender 4.lnk 2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Awem 2016-09-15 23:26 - 2016-09-15 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com 2016-09-15 23:25 - 2016-09-15 23:26 - 00000000 ____D C:\Users\Philip\Desktop\Star Defender 4 2016-09-15 23:24 - 2016-09-15 23:25 - 13088376 _____ (GameTop Pte. Ltd. ) C:\Users\Philip\Downloads\Star-Defender4.exe 2016-09-15 11:02 - 2016-05-07 00:50 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys 2016-09-14 09:22 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-09-14 09:22 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2016-09-14 09:22 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-09-14 09:22 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-09-14 09:22 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2016-09-14 09:22 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-09-14 09:22 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2016-09-14 09:22 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-09-14 09:22 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2016-09-14 09:22 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2016-09-14 09:22 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2016-09-14 09:22 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-09-14 09:22 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jsproxy.dll 2016-09-14 09:22 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2016-09-14 09:22 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2016-09-14 09:22 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-09-14 09:22 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2016-09-14 09:22 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2016-09-14 09:22 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2016-09-14 09:22 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-09-14 09:22 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2016-09-14 09:22 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2016-09-14 09:22 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2016-09-14 09:22 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-09-14 09:22 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2016-09-14 09:22 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-09-14 09:22 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-09-14 09:22 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-09-14 09:22 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2016-09-14 09:22 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-09-14 09:22 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\jscript9.dll 2016-09-14 09:22 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-09-14 09:22 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-09-14 09:22 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-09-14 09:22 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-09-14 09:22 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2016-09-14 09:22 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-09-14 09:22 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-09-14 09:22 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2016-09-14 09:22 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2016-09-14 09:22 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-09-14 09:22 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2016-09-14 09:22 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-09-14 09:22 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-09-14 09:22 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2016-09-14 09:22 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) 
C:\Windows\system32\jscript.dll 2016-09-14 09:22 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2016-09-14 09:22 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-09-14 09:22 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2016-09-14 09:22 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-09-14 09:22 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-09-14 09:22 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2016-09-14 09:22 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2016-09-14 09:22 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-09-14 09:22 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-09-14 09:22 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2016-09-14 09:22 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-09-14 09:22 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-09-14 09:22 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-09-14 09:22 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2016-09-14 09:22 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-09-14 09:22 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-09-14 09:22 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-09-14 09:22 - 2016-09-01 00:58 - 01550848 _____ (Microsoft 
Corporation) C:\Windows\system32\urlmon.dll 2016-09-14 09:22 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-09-14 09:22 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2016-09-14 09:22 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2016-09-14 09:22 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2016-09-14 09:21 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-09-14 09:21 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-09-14 09:21 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-09-14 09:21 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2016-09-14 09:21 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00028672 _____ (Microsoft 
Corporation) C:\Windows\system32\sspisrv.dll 2016-09-14 09:21 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) 
C:\Windows\system32\csrsrv.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2016-09-14 09:21 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2016-09-14 
09:21 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2016-09-14 09:21 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2016-09-14 09:21 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2016-09-14 09:21 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2016-09-14 09:21 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2016-09-14 09:21 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2016-09-14 09:21 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-09-14 09:21 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-09-14 09:21 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-09-14 09:21 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2016-09-14 09:21 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2016-09-14 09:21 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2016-09-14 09:21 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntvdm64.dll 2016-09-14 09:21 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2016-09-14 09:21 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2016-09-14 09:21 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2016-09-14 09:21 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2016-09-14 09:21 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2016-09-14 09:21 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2016-09-14 09:21 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-09-14 09:21 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2016-09-14 09:21 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2016-09-14 09:21 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-09-14 09:21 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2016-09-14 09:21 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2016-09-14 09:21 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2016-09-14 09:21 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-09-14 09:21 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) 
C:\Windows\system32\INETRES.dll 2016-09-14 09:21 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-09-14 09:21 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2016-09-14 09:21 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2016-09-14 09:21 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2016-09-13 20:02 - 2016-09-13 20:02 - 30533688 _____ C:\Users\Philip\Downloads\vlc-2.2.4-win32 (1).exe 2016-09-11 23:56 - 2016-09-17 02:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-09-11 23:56 - 2016-09-17 02:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-09-11 23:56 - 2016-09-12 00:14 - 00000000 ____D C:\Users\Philip\AppData\Local\chromium 2016-09-11 23:55 - 2016-09-20 11:35 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-09-11 23:55 - 2016-09-19 23:06 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-09-11 23:55 - 2016-09-12 00:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-09-11 23:55 - 2016-09-12 00:00 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-09-11 23:54 - 2016-09-18 18:01 - 
00000008 __RSH C:\ProgramData\ntuser.pol 2016-09-11 15:29 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Local\Real 2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\RealNetworks 2016-09-11 15:28 - 2016-09-11 15:28 - 00000000 ____D C:\ProgramData\RealNetworks 2016-09-11 15:27 - 2016-09-11 15:29 - 00000000 ____D C:\ProgramData\Real 2016-09-11 15:26 - 2016-09-11 15:29 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Real 2016-09-03 12:42 - 2016-01-12 06:40 - 00112032 _____ C:\Windows\system32\NvRtmpStreamer64.dll 2016-09-03 12:41 - 2015-12-18 08:11 - 00047760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2016-09-03 12:41 - 2015-12-18 08:10 - 00090768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2016-09-02 15:58 - 2016-09-12 18:25 - 00000000 ____D C:\Program Files (x86)\Winamp 2016-09-02 15:39 - 2016-09-02 15:39 - 00000000 ____D C:\Program Files\VB 2016-09-01 13:14 - 2016-09-01 13:14 - 00000000 ____D C:\ProgramData\Webitar Production Inc 2016-08-29 14:34 - 2016-08-29 21:21 - 00000000 ____D C:\Program Files (x86)\ClipboardManager 2016-08-29 14:34 - 2016-08-29 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipboardManager 2016-08-29 12:52 - 2016-08-29 12:52 - 00000000 ____D C:\ProgramData\UniqueId 2016-08-29 12:50 - 2016-09-03 09:55 - 00000000 ____D C:\ProgramData\WinZip 2016-08-27 09:24 - 2015-09-16 08:07 - 00127432 _____ (BigNox Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2016-08-27 09:23 - 2015-09-16 05:29 - 00253384 _____ (BigNox Corporation) C:\Windows\system32\Drivers\XQHDrv.sys 2016-08-27 08:57 - 2016-08-27 08:57 - 00000000 __SHD C:\found.000 2016-08-24 23:03 - 2016-09-01 21:16 - 00000000 ____D C:\Program Files\Unity 2016-08-23 12:28 - 2016-08-28 22:28 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TeamViewer 2016-08-23 11:40 - 2016-08-23 11:40 - 00000000 ____H C:\Users\Philip\Documents\Default.rdp 2016-08-22 21:29 - 2016-08-22 21:29 
- 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-20 11:48 - 2016-06-12 11:47 - 00000000 _____ C:\Windows\system32\RzSurroundVADAudioDeviceManager_log.txt
2016-09-20 11:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-20 11:45 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-20 11:35 - 2015-08-28 06:37 - 00000000 ____D C:\Program Files (x86)\Avira
2016-09-20 11:35 - 2015-08-28 06:23 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-20 11:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-19 23:29 - 2015-08-27 23:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-09-19 21:23 - 2015-08-29 14:58 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-19 21:23 - 2015-08-28 06:37 - 00000000 ____D C:\ProgramData\Avira
2016-09-19 00:58 - 2015-08-28 21:42 - 00000000 ____D C:\Users\Philip\AppData\Local\osu!
2016-09-18 18:01 - 2015-08-27 22:56 - 00000997 _____ C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-09-18 17:12 - 2015-09-07 23:46 - 00000000 ____D C:\Users\Philip\Desktop\Tor Browser
2016-09-18 16:28 - 2015-12-25 09:26 - 00000000 ____D C:\Windows\Minidump
2016-09-18 13:58 - 2015-09-04 11:52 - 00000000 ____D C:\Users\Philip\AppData\Local\Adobe
2016-09-18 13:53 - 2016-04-16 21:07 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-17 20:16 - 2015-12-14 19:26 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Mozilla
2016-09-15 22:07 - 2015-08-28 23:01 - 00000000 ____D C:\Users\Philip\AppData\Roaming\TS3Client
2016-09-14 23:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-09-14 22:49 - 2011-04-12 09:43 - 00661538 _____ C:\Windows\system32\perfh007.dat
2016-09-14 22:49 - 2011-04-12 09:43 - 00141550 _____ C:\Windows\system32\perfc007.dat
2016-09-14 22:49 - 2009-07-14 07:13 - 01528932 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-14 22:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-09-14 22:43 - 2009-07-14 06:45 - 00337704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-14 22:41 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2016-09-14 22:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-14 20:36 - 2015-08-28 16:34 - 00000000 ____D C:\Windows\system32\MRT
2016-09-14 20:31 - 2015-08-28 16:34 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-13 20:08 - 2015-09-17 20:39 - 00000000 ____D C:\Users\Philip\AppData\Roaming\vlc
2016-09-12 18:25 - 2016-07-20 15:09 - 00000000 ____D C:\Users\Philip\AppData\Local\Nox
2016-09-12 18:25 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip
2016-09-11 23:56 - 2015-08-27 23:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-09-11 23:51 - 2016-06-09 15:33 - 00002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-09-11 23:49 - 2016-07-10 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-09-11 23:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-09-06 00:08 - 2016-07-20 15:12 - 00000000 ____D C:\Users\Philip\.android
2016-09-06 00:08 - 2016-07-20 15:11 - 00000000 ____D C:\Users\Philip\vmlogs
2016-09-04 21:04 - 2015-08-30 17:35 - 00000726 _____ C:\Users\Philip\Desktop\Neues Textdokument.txt
2016-09-03 12:42 - 2015-08-28 06:25 - 00000000 ____D C:\Users\Philip\AppData\Local\NVIDIA
2016-09-03 12:42 - 2015-08-28 06:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-01 13:37 - 2015-11-23 20:39 - 00000000 ____D C:\Users\Philip\Documents\PCSX2
2016-09-01 13:15 - 2016-02-05 21:36 - 00001267 _____ C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk
2016-09-01 13:15 - 2015-11-30 21:59 - 00001177 _____ C:\Users\Public\Desktop\Dragon's Prophet.lnk
2016-08-30 16:04 - 2016-08-20 21:29 - 00000000 ____D C:\Users\Philip\BrawlhallaReplays
2016-08-30 11:54 - 2015-08-28 06:25 - 00000000 ____D C:\ProgramData\Origin
2016-08-30 11:54 - 2015-08-27 22:55 - 00000000 ____D C:\Users\Philip\AppData\Local\VirtualStore
2016-08-30 11:08 - 2015-08-28 06:24 - 00000000 ____D C:\Program Files (x86)\Origin
2016-08-27 09:23 - 2016-07-20 19:04 - 00000000 ____D C:\Users\Philip\Desktop\Nox
2016-08-27 09:23 - 2016-07-20 15:10 - 00000000 ____D C:\Program Files\DIFX
2016-08-25 21:20 - 2016-06-16 11:31 - 00001491 _____ C:\Users\Philip\Desktop\Keys.txt
2016-08-25 16:13 - 2016-03-12 13:24 - 00002166 _____ C:\Users\Philip\Desktop\Discord.lnk
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2016-08-25 16:13 - 2016-03-12 13:24 - 00000000 ____D C:\Users\Philip\AppData\Roaming\discord
2016-08-25 16:13 - 2016-03-12 13:23 - 00000000 ____D C:\Users\Philip\AppData\Local\Discord

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-31 02:43 - 2016-07-05 20:41 - 0007631 _____ () C:\Users\Philip\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Philip\AppData\Local\Temp\avgnt.exe
C:\Users\Philip\AppData\Local\Temp\libeay32.dll
C:\Users\Philip\AppData\Local\Temp\msvcr120.dll
C:\Users\Philip\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Philip\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-15 00:06

==================== Ende von FRST.txt ============================

Addition Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von Philip (20-09-2016 11:50:55)
Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs
Windows 7 Professional Service Pack 1 (X64) (2015-08-27 20:55:07)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-4121084442-288992259-759938091-500 - Administrator - Disabled)
Gast (S-1-5-21-4121084442-288992259-759938091-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4121084442-288992259-759938091-1002 - Limited - Enabled)
Philip (S-1-5-21-4121084442-288992259-759938091-1000 - Administrator - Enabled) => C:\Users\Philip

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps) 7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal) Aura Kingdom (HKLM-x32\...\Steam App 268420) (Version: - X-Legend) Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. 
KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia) Brawlhalla (HKLM\...\Steam App 291550) (Version: - Blue Mammoth Games) Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch) CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform) Chatango Message Catcher (HKLM-x32\...\Chatango) (Version: - ) Cossacks: Back to War (HKLM\...\Steam App 4850) (Version: - GSC Game World) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Crystals of Time (HKLM\...\Steam App 306410) (Version: - RVL Games) Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Deponia: The Complete Journey (HKLM\...\Steam App 292910) (Version: - Daedalic Entertainment) Discord (HKU\S-1-5-21-4121084442-288992259-759938091-1000\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.1.2 - DivX, LLC) Echo of Soul (HKLM\...\Steam App 290140) (Version: - Nvius) Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Fairy Fencer F (HKLM\...\Steam App 347830) (Version: - Idea Factory) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Ghost in the Shell Stand Alone Complex First Assault Online (HKLM\...\Steam App 369200) (Version: - Neople) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LibreOffice 5.0.2.2 (HKLM-x32\...\{71508AE2-346A-4E56-AE95-DBB8DE692258}) (Version: 5.0.2.2 - The Document Foundation)
Life is Feudal: Your Own (HKLM\...\Steam App 290080) (Version: - Bitbox Ltd.)
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
NARUTO SHIPPUDEN: Ultimate Ninja STORM 3 Full Burst (HKLM-x32\...\Steam App 234670) (Version: - CyberConnect 2)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version: - CyberConnect2 Co., Ltd.)
Netzmanager (Version: 1.201 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{15eb2f2d-51e3-4d74-861d-6ecb8d67a749}) (Version: latest - ppy Pty Ltd)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.19 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.822 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Riders of Icarus (HKLM\...\Steam App 442080) (Version: - WeMade)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.8 - Rockstar Games)
S4 League (HKLM-x32\...\S4 League) (Version: - )
Saints Row: The Third (HKLM\...\Steam App 55230) (Version: - Volition)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version: - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Star Defender 4 (HKLM-x32\...\Star Defender 4_is1) (Version: 1.0 - GameTop Pte. Ltd.)
Star Wars: The Force Unleashed II (HKLM-x32\...\Steam App 32500) (Version: - Aspyr Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warface (HKLM\...\Steam App 291480) (Version: - Crytek)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {17937C0B-6587-49B8-95E5-06B766B0A4AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-01] (Piriform Ltd)
Task: {36CB3D2D-3938-4F3B-8935-151A98F0DB6C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-18] (Adobe Systems Incorporated)
Task: {3D164FAE-063E-4F36-BCDC-F1288127F200} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)
Task: {71C82F22-CFFF-4034-BF7F-5DC785375BE7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {90EA9818-4ACA-429F-BBF7-6BBF28724254} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-11] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Philip\Desktop\Sauerbraten.lnk -> C:\Program Files (x86)\Sauerbraten\sauerbraten.bat ()

ShortcutWithArgument: C:\Users\Philip\Desktop\Tor Browser\Start Tor Browser.lnk -> C:\Users\Philip\Desktop\Tor Browser\Browser\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Dragon's Prophet.lnk -> C:\Program Files (x86)\Dragon's Prophet\launcher.exe () -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"
ShortcutWithArgument: C:\Users\Public\Desktop\Play Euro Truck Simulator 2 Multiplayer.lnk -> C:\Program Files (x86)\Euro Truck Simulator 2 Multiplayer\launcher.exe (ETS2MP Team) -> "hxxp://tech-connect.biz/?ssid=1472728486&a=1003691&src=sh&uuid=46654931-58a0-45d4-b7d5-736f7c21b767,1472728445683"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-01 20:15 - 2016-06-01 20:15 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-09-03 12:42 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-27 21:19 - 2016-03-27 21:19 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-07-20 02:10 - 2016-07-20 02:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-07-24 19:54 - 2016-06-25 08:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2015-08-28 06:23 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-17 02:09 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\AcroTray.deu

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-09-14 22:43 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4121084442-288992259-759938091-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Synchronizer => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Philip\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chatango => C:\Program Files (x86)\Chatango\Chatango.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Philip\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Philip\AppData\Roaming\Spotify\SpotifyWebHelper.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1FDFD353-DB95-424E-BD39-D1B3F3C51093}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB1882BA-AB47-469E-949C-AEA85B50E1EC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{38812632-1CDF-4714-8530-F439F89DDB46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{63AD4D90-F7DC-4FA9-B7C0-BEA545F5A186}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64830CE0-6278-4023-AEC0-F5EFBB732124}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F1017A8C-F000-42D2-8EDD-7CAA17A0E423}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3AF8D9A9-EFD5-4DD4-9F0A-0EC07DFC3DB9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{46457780-E5CA-4021-81D8-9287C19C5A04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CBF8DA71-277A-49E4-B044-2B3511972661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DF69578B-EE38-4362-98ED-C6E57CCE0D4F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2804E1B8-3FAC-4A2B-B4E3-05FEEE6EF4C3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{51898237-2680-4E2C-A0B0-6D4A3D70FE3B}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{FD622B8D-728F-4EA8-B985-8BEA5F6F4E49}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space 3\deadspace3.exe
FirewallRules: [{6FBFC44D-53A6-48C7-9273-A8944C5960E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{2EDB23A8-30E1-431D-B323-AED07DD0A273}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trove\GlyphClient.exe
FirewallRules: [{1F384DCF-16EC-4C43-BF98-512BF4740D5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{46BA1C88-D8EC-45B6-BE35-83FE48EA5C73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4D58504E-0BAC-423F-9B18-EFB06AD6657F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{46CD2CD8-5B0A-467B-BDA4-027588DB02DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{0C40983F-0AB3-41A9-8468-EBF5974975CC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{08EF928C-C2AB-44CF-9E01-BD0988077B03}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{4AEF111F-6B98-48DB-850D-53422EEB844E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E22EF4C-B998-4318-8762-574D04631EC2}] => (Block) %ProgramFiles%\TeamSpeak 3 Client\ts3client_win64.exe
FirewallRules: [{5222AA72-1D7A-4693-B7B1-674D18335852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{B56660D6-446F-4862-8A3B-332287DF6902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{092834C5-AD37-4F0B-8B3D-FBC6AA774FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{9BB8FAE7-2375-4518-9C6F-C558C67C3CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe
FirewallRules: [{13149D2F-96E1-4CD5-A5E0-927928D8A963}] => (Block) %USERPROFILE%\Desktop\Tor Browser\Browser\firefox.exe
FirewallRules: [{297DD556-E9E7-4290-8E42-C04DF04F4475}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{64D432DC-CE90-445C-9F9A-50A98E57F6A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{058B55BF-C53C-4AF2-9246-53E3D0FEE76C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{A86D820E-1BDC-4A18-9059-8FAAFBE83A4E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\NARUTO SHIPPUDEN Ultimate Ninja STORM 3 Full Burst\NS3FB_launcher.exe
FirewallRules: [{B1034079-DB64-45D0-BFD3-BF2A41389460}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{9923AE53-9398-40EB-8A3A-75E51699DAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{DA6066D9-65B4-42B7-BAE8-63F79ACD1F01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{29F175BC-0902-4EC2-A1FD-411F189F42EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [TCP Query User{F7BC919B-983C-4E8E-9C6A-949EC462DE45}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [UDP Query User{1EFC927B-F015-4BC9-93B0-BFC28B1D7D63}C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe
FirewallRules: [{0271708C-CD43-4261-A31B-B8C62DB47864}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C1C6486E-85DD-472A-99D6-DDC0DF7C15B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{3C917DBB-0F72-464C-B9F8-E6DA706F84FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{DDB64B8D-F563-4579-A742-95ED72FA8935}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{37448111-DE2F-4381-ADA9-A3C3E0FE94CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{6650B79B-5444-4516-9181-D67BEC1F8133}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{39BB52BF-5799-4359-9966-001972D2A099}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{FACD69A7-E1AB-456E-B123-1CB0394A1023}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{CDFD58E3-EA29-4455-93A2-5E33F23CC069}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{FD73FD7A-7ADF-4229-AA9D-648046E83090}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{BBB45A82-8728-42EF-853F-0D7A628A8EAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{08DD4417-CBC0-4147-AE09-867CEB793A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{B74D0C64-41C0-4484-8582-49D074DD0AEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{16748C60-8A6B-45B5-86F6-38F16737F739}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{9DD8C337-D365-4CF0-AFFB-C4A2D7B09E22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0C043B48-6B70-4585-BC04-88402EEBDC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{FD66B1C9-ACF9-43A6-A1CB-D402D4E121B1}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{155C090C-9933-4F3C-8151-A711569DA30A}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe
FirewallRules: [{0F27AAE6-8B32-4C12-8CF2-50B0AB0F81D4}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [{38432C91-9C82-4C56-888C-B425FBC8F2C3}] => (Allow) C:\Program Files (x86)\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe
FirewallRules: [TCP Query User{C1D7AB77-B398-4A75-B4FE-4DABDB899AF1}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{B2338360-B006-4876-9CB7-0CB0DBEEF69E}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{C30A60F7-8B0A-4733-A506-7C546EAF2724}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{664D32F4-272A-4F04-A7DC-4B93127850DB}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [{3CB58306-E6E1-42B9-A54A-DE9C14C6AC0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{B5DF0070-13D1-4C98-BAB8-72430B1821A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [TCP Query User{E253C01D-20E4-4D4A-BC5C-212021361F87}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{49EB3DC4-487B-4DDE-B452-448324977598}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{0E26DC39-AA1A-4500-87A2-ED5B4D22E708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{D53BEEEA-43F3-48E1-A4AF-D1F0CD71EC72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{959C5A7F-4650-4053-A8B0-87D638BA8F54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{D63A9C68-F8B5-47A2-9B95-4879F8415371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{53C5812B-C3B7-4CB1-84C7-4F3FDA8FA81C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{C6175968-2326-45AD-A00F-607E73116DAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [TCP Query User{D480B061-EEEF-42AF-971B-215F96C61BD0}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{43E0CD6F-D012-48B9-A872-878C21E7A1A5}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{E53283B4-9283-4232-B698-060DEE66535B}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{7BE66241-3457-43F4-A115-882A0C49251C}C:\users\philip\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\philip\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B10BE1A0-7233-4C30-91C2-E0509FDC1176}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{DC052E56-F66F-41E5-96B3-4FAB3CE27F0D}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [TCP Query User{B849702B-6943-4A9C-BBB5-89AE278B77E2}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [UDP Query User{69831827-B222-4171-BC3B-02D35102C8EC}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{1A960530-0255-4529-B6A2-38E0917F52CA}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EC653305-BA56-400C-B826-7FCEB205BE33}C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\philip\desktop\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D153DA44-AED3-4FAA-9315-6D2EF6A729F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{548D119A-4A78-46B7-B551-FEDA664C1088}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\Launcher.exe
FirewallRules: [{60463A6F-5D8D-40AE-AB6F-7CEDF778E310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{5617CE86-9C74-406F-9499-A774F4A163B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Aura Kingdom\game.bin
FirewallRules: [{24BBD3EB-E6C2-4DDC-9068-8D25BF7A1D32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{771B3473-B565-4DC3-885F-D6CD9188206A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe
FirewallRules: [{50DA3916-B928-432C-B67A-B84349C6C46D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{330C87CD-47EA-42DB-8394-FEE2D096EA1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\deponia.exe
FirewallRules: [{6E22B5BC-3D25-4D42-84C5-891917FA340B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{8F16713B-7AAC-4830-BD6B-A4788CE7A1DB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deponia The Complete Journey\VisionaireConfigurationTool.exe
FirewallRules: [{275D274B-16F8-4150-B82E-7AFE3044FAD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{A2D58140-8FEB-4BBD-8BDB-7588E797DEA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{45BB9186-2699-45CD-893B-BB8B497B99BF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3ECB58C9-691E-4ED5-8949-A659391D4404}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A3BD4008-8F17-4064-85CF-9B433A0BFD8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8456E756-099A-4791-B073-7FA5C0E59B51}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{1083B8C8-BA93-4ED9-999F-907AB98F6BD0}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{7B9FE7AE-AF7F-485E-B477-4BE13DCCBFA6}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{14E6410F-0C62-45D2-974E-CAF229AD3A34}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{992FB12E-5132-4BA9-9672-2ED7B6BA9428}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{7F696382-6BD1-4439-9B72-70D42C6FA7DB}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{1EA5DAC5-2AE0-4AFB-AC1D-4352614E92E3}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{490E1FF4-50D6-48EB-A25C-6131B40C2FCD}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{1D4AFD8B-1441-4F08-B70D-38F34DEA94B0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{2D26D25F-83CF-4ABF-86E9-3BB04347ECE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{384CA9E3-4DBE-4AD0-8639-143B377827E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{D0488983-66B6-4052-8FD5-885078CE26DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{73F7A57C-62BE-4569-BDEF-D4B5E46E60C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{92E7FB37-47B0-4C9C-8583-CC434B80C6C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{7DA7C2AA-14FE-4E89-930B-F906B8E2C1E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{EC3B2F4E-2379-4A33-B9AC-68CB7D30A0BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{D0364108-4134-4818-AD56-EB33BFECBF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crystals of Time\Crystals of Time.exe
FirewallRules: [{ABF69EF0-EA0F-48F9-95E3-CA5FD2BCF4EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{12EBA18D-8AF1-495F-83B0-E1072534BC3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe
FirewallRules: [{CF5BFCA0-4ED9-42D4-AE16-5D4A6BE2A046}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{07064308-7E0B-41DD-AB98-C950E310A56F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\csbtw.exe
FirewallRules: [{DECFF5AE-B59B-48DE-8613-5BC637392645}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{37C5E968-1654-4C8E-935F-2002AA2245F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\HView.exe
FirewallRules: [{83DC5781-9982-4BEA-B624-0DF580E58F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{031FCDBF-22BE-4297-B1C3-AADA265DD723}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\ScenarioEditor.exe
FirewallRules: [{C466B301-2373-43C3-9F4C-AD41D5AA2C72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{5A647387-1AB8-4065-83FD-86DE2D39C366}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\cshlp.exe
FirewallRules: [{89F930C7-3F59-447A-A61C-F1D2550372E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{F9DADF7D-D962-4B4D-8FA2-F3FAE02FCD7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{35B3915F-333E-4210-8A38-C4751C09081A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{8566A02C-FDA3-4DF9-BFE6-1E40FE8F1316}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{4E26DFBA-5D32-44C7-9503-908DFB9B2452}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [{C18243DE-0AD3-44F0-BCBD-B80D4B9EDFDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\GAME.exe
FirewallRules: [TCP Query User{983BBAE4-F68D-4BA5-9F8B-8CE8C1812CF5}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{BB650065-1A41-4BC7-9A34-AEF38B6606BF}C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\neverwinter_de\neverwinter\live\gameclient.exe
FirewallRules: [{91073044-DCE5-4622-94C9-879C23F017C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{3F50690D-B5D0-47A1-87F0-DE5F9D958D64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fairy Fencer F\FairyFencer.exe
FirewallRules: [{FC7A729A-4D3F-4172-9FBC-169726F4B1F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{745B987A-736A-4076-B434-F10404F0E4C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{B6C5C0F6-EEBF-41B3-97FE-2EE05006020F}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{A860739D-2D99-4BA3-BA4B-E5DBD8544850}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{08EAD17A-C8F1-4798-A830-8E96DED99B15}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{A2034420-0281-43F9-A373-E20EA192FE90}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{3F2B3038-57C9-4C89-B394-CBAC2D7709BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{B1A3DE32-7C31-48DA-85F3-E1153DE3E4FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{A412A5A9-FE31-4045-8598-450A4325A235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{F0193371-06B8-439D-B2AA-58D14957F260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe FirewallRules: [{3112B373-708E-4763-9F4C-4D7422967D24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe FirewallRules: [{8E4B95C5-455D-4A89-8EA6-FD285B99AAA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cossacks Back to War\bin\dmcr.exe FirewallRules: [{5C94A499-E44D-4961-BB6D-F53EE7A611AA}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{E64FAC19-35FF-4FB6-8F40-EBB3CECFA021}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{C1672358-8461-4805-98F2-9B47F3D3EEDD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [{5B5B245A-374E-4BC9-842D-3829224875E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Riders of Icarus\Bin32\nxsteam.exe FirewallRules: [TCP Query User{0CD3041E-3DDF-4082-A029-032908831161}C:\program files 
(x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe FirewallRules: [UDP Query User{75178641-3017-4414-89F6-0E84755E082D}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin32\launcher32.exe FirewallRules: [TCP Query User{98EDC6B9-9EB7-4501-91A7-C6EDEAB94CDA}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [UDP Query User{A1E979F8-9097-4AF7-9459-2745D215331C}C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\riders of icarus\bin64\launcher.exe FirewallRules: [{D15278CA-DD5B-44F8-8F7C-417279107A0F}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{F5B10DF9-9E2B-4BD5-81E3-F5E363FA0F35}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe FirewallRules: [{6DC1F1E3-40D0-40BA-B83E-19A0C04582FB}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [{90FFB6C1-7126-4290-ACCD-C6E8343AE034}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe FirewallRules: [TCP Query User{C62204E2-9099-4D79-B9F9-E3DF89B59840}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe FirewallRules: [UDP Query User{0E9975A0-C91F-499D-9649-8F1F5FB767CB}C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe] => (Block) C:\users\philip\desktop\cheat engine\cheat engine 6.5.1\cheatengine-x86_64.exe FirewallRules: [{426A4A15-26C8-4B35-B493-166ED8E4BA53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is 
Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{67D0D46A-7DCF-42CD-A98F-CFBEAA151E2D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{866B115F-E66B-4337-9E59-795F7F879025}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [{A82EC7E6-7F53-4ECE-AE00-67E4F3E93679}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe FirewallRules: [TCP Query User{06B197DA-27F1-4DBE-AA3E-2A5467988AD8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{DFFD2C83-1261-4E38-93BB-7BD961EB25FE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{2755F3AD-8713-47E9-8BED-16F68E1D9E8D}] => (Allow) C:\Users\Philip\Desktop\Nox\Nox\bin\Nox.exe FirewallRules: [TCP Query User{13487E11-94CA-474E-9DBE-325B2E0B7ED4}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{DC589DCA-5085-4450-9E40-5EE7AE571125}C:\users\philip\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\philip\appdata\roaming\spotify\spotify.exe FirewallRules: [{3B22D71D-6120-487A-BE78-2AED19395886}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{C75FC7E7-B01F-49F2-8EAB-A422AA918652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{D4CC247C-F13A-4A99-BECA-6957B4CC9DCF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{6480F938-5D6F-4D3B-9D20-FE23D914DF77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: 
[{2D4E94A4-6A57-4294-8812-F43626BCC733}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BE0F92E8-52D2-425F-B4DF-8FDE7E9C4250}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B2B7E2E3-4656-4616-A75A-E259214BF05D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B4AE2C42-C816-42D8-93A1-B8DEE2A9FEC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{C200283D-D233-49C4-A1B4-0846B3A05FBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\nw.exe FirewallRules: [{32BBEFF2-C75D-4132-8321-0C9B360A49FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe FirewallRules: [{14FE985E-C4C7-4CCA-9A19-8AF96EEAC3E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\firstassault\Shipping\nxsteam.exe ==================== Wiederherstellungspunkte ========================= 18-09-2016 16:26:29 Malwarebytes Anti-Rootkit Restore Point 20-09-2016 11:37:45 JRT Pre-Junkware Removal 20-09-2016 11:41:27 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/20/2016 11:37:30 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/20/2016 11:35:58 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/19/2016 04:37:32 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/19/2016 04:35:59 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (09/18/2016 06:03:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/18/2016 06:03:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/18/2016 04:41:00 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/18/2016 04:40:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. 
Error: (09/18/2016 04:29:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/14/2016 10:44:36 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Users\Philip\AppData\Local\chromium\Application\chrome.exe". Die abhängige Assemblierung "51.0.2683.0,language="*",type="win32",version="51.0.2683.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Systemfehler: ============= Error: (09/20/2016 11:38:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/20/2016 11:36:10 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (09/19/2016 04:37:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (09/18/2016 06:03:07 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: cdrom Error: (09/18/2016 06:01:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. 
Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:01:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "RzSurroundVADStreamingService" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/18/2016 06:00:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "RemoteMouseService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 8143.27 MB Verfügbarer physikalischer RAM: 6057.48 MB Summe virtueller Speicher: 16284.71 MB Verfügbarer virtueller Speicher: 14006.05 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1862.79 GB) (Free:1031.69 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
20.09.2016, 12:21 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome FRST fix Please disable your virus scanner completely now, to make sure that the fix runs through cleanly! Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
20.09.2016, 12:58 | #11 |
| Win7, pop-up problems in Chrome Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-09-2016
durchgeführt von Philip (20-09-2016 13:50:54) Run:1
Gestartet von C:\Users\Philip\Downloads\Cleantools und Logs
Geladene Profile: Philip (Verfügbare Profile: Philip)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
emptytemp:
*****************
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10149569 B
Java, Flash, Steam htmlcache => 410209250 B
Windows/system/drivers => 3559019 B
Edge => 0 B
Chrome => 740465979 B
Firefox => 377241961 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83620 B
systemprofile32 => 548034 B
LocalService => 66228 B
NetworkService => 66228 B
Philip => 48577552 B
RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 13:51:01 ==== |
20.09.2016, 13:02 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome Okay, then control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please: Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |
20.09.2016, 17:52 | #13 |
| Win7, pop-up problems in Chrome mbam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 20.09.2016
Suchlaufzeit: 14:11
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.1.1043
Malware-Datenbank: v2016.09.20.05
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Philip
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 303069
Abgelaufene Zeit: 6 Min., 33 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)
Ordner: 0 (keine bösartigen Elemente erkannt)
Dateien: 0 (keine bösartigen Elemente erkannt)
Physische Sektoren: 0 (keine bösartigen Elemente erkannt)
(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# end=init
# utc_time=2016-09-20 12:36:49
# local_time=2016-09-20 02:36:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 30811
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# end=updated
# utc_time=2016-09-20 12:40:41
# local_time=2016-09-20 02:40:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=0493a6bc0165eb4f993590d30c814c96
# engine=30811
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-20 02:48:15
# local_time=2016-09-20 04:48:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18392 226012745 0 0
# scanned=593242
# found=0
# cleaned=0
# scan_time=7653
Code:
Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 23.0.0.162
Mozilla Firefox (48.0.2)
Google Chrome (53.0.2785.101)
Google Chrome (53.0.2785.116)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log`````````````````````` |
20.09.2016, 20:09 | #14 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Win7, pop-up problems in Chrome Quote:
Flash Player: What Adobe is doing with its Flash Player ranks somewhere between impudence and incompetence; serious new security holes are constantly being found in it - for YT, HTML5 is usually enough, which is the default player when Flash Player is inactive or not installed; for certain browser games, however, you may need Flash Player. Use Flash as sparingly as possible, and if you do, always keep it up to date!!
__________________ Please always post log files in CODE tags |
20.09.2016, 20:37 | #15 |
| Win7, pop-up problems in Chrome Uninstalled. |