Seitenladefehler über bestimmten Zeitraum

crtys · 20.10.2016, 14:56

Hallo Trojaner-Board,
seit neustem habe ich das Problem, dass mein Browser Chrome bestimmte Internetseiten nach Start des Computers nicht aufruft. Seiten wie z.B Facebook, Google und YouTube werden problemlos aufgerufen und laufen wie gewohnt. Ebenfalls kann sich Steam nicht mit dem Internet verbinden.
Ich habe dieses Problem die ersten 5-10min nach Start des Computers, danach läuft alles einwandfrei. Die Verbindung mit dem Internet ist vorhanden. Ich freue mich auf eine baldige Hilfe.

Gruß
crtys

M-K-D-B · 20.10.2016, 15:11

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

crtys · 20.10.2016, 15:32

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
durchgeführt von Alexander (Administrator) auf ALEXANDER-PC (20-10-2016 16:30:22)
Gestartet von C:\Users\Alexander\Downloads
Geladene Profile: Alexander (Verfügbare Profile: Alexander)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel) C:\Program Files (x86)\Common Files\Intel\Schedule2\schedul2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel) C:\Program Files (x86)\Common Files\Intel\Schedule2\schedhlp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Valve Corporation) D:\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Spotify Ltd) C:\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\BlackWidow\BlackWidowTray.exe
() C:\Program Files (x86)\Intel\DataMigrationSoftware\DataMigrationSoftwareMonitor.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) D:\Programme (x99)\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme (x99)\x64\LMIGuardianSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TeamSpeak Systems GmbH) C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Intel Scheduler2 Service] => C:\Program Files (x86)\Common Files\Intel\Schedule2\schedhlp.exe [362792 2010-11-19] (Intel)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2800296 2014-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-19] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [Razer Blackwidow Driver] => C:\Program Files (x86)\Razer\BlackWidow\BlackwidowTray.exe [887696 2011-05-16] (Razer USA Ltd)
HKLM-x32\...\Run: [DataMigrationSoftwareMonitor.exe] => C:\Program Files (x86)\Intel\DataMigrationSoftware\DataMigrationSoftwareMonitor.exe [2639552 2010-11-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917584 2016-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [[REGKEY]] => "C:\Users\Alexander\AppData\Roaming\[FILENAME].exe"
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [] => C:\ [0 ] ()
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [231424 2012-04-05] ()
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-10-03] (Spotify Ltd)
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\MountPoints2: {3388a92b-a354-11e1-b837-3860775e8b90} - E:\Intuix_Launcher.exe
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{082B2073-A999-47A3-B4E7-3CFFCEDBB46F}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{599FAC72-ABD7-4441-89AA-D3E8ED2487E5}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
URLSearchHook: HKLM-x32 - (Kein Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - Keine Datei
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-04-06] (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Kein Name -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> Keine Datei
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll => Keine Datei
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: SMTTB2009 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar\tbcore3.dll => Keine Datei
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Keine Datei
Toolbar: HKLM-x32 - CheatEngine DB Toolbar Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files (x86)\CheatEngine DB Toolbar Toolbar\tbcore3.dll Keine Datei
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Toolbar: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> Kein Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  Keine Datei
Toolbar: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> Kein Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} -  Keine Datei
Toolbar: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> Kein Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  Keine Datei
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default [2015-10-29]
FF NewTab: Mozilla\Firefox\Profiles\oxdi5dia.default -> hxxp://search.babylon.com/?affID=113480&tt=3312_2&babsrc=NT_ss&mntrId=b08305a70000000000003860775e8b90
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\oxdi5dia.default -> Search the web (Babylon)
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\oxdi5dia.default -> hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\oxdi5dia.default -> Search the web (Babylon)
FF Homepage: Mozilla\Firefox\Profiles\oxdi5dia.default -> hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=hp
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\oxdi5dia.default -> Web Search
FF Keyword.URL: Mozilla\Firefox\Profiles\oxdi5dia.default -> hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=ds&q=
FF Extension: (Kein Name) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\extensions\ich@maltegoetz.de [nicht gefunden]
FF SearchPlugin: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\conduit.xml [2012-06-16]
FF SearchPlugin: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\MyStart Search.xml [2012-04-12]
FF SearchPlugin: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\Web Search.xml [2012-10-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @java.com/DTPlugin,version=10.2.1 -> C:\Windows\system32\npDeployJava1.dll [2012-04-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-04-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @talk.google.com/O1DPlugin -> C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Alexander\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Alexander\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=hp&installDate=01/01/1970","hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=hp&installDate={installDate}","hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=hp&installDate=01/01/1970","hxxp://www.delta-search.com/?affID=121562&babsrc=HP_ss&mntrId=B08300FF4E9D6B47","hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=hp&installDate="
CHR Plugin: (Shockwave Flash) - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\pdf.dll => Keine Datei
CHR Plugin: (Babylon ToolBar) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll => Keine Datei
CHR Plugin: (Wajam) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL => Keine Datei
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL => Keine Datei
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Alexander\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Users\Alexander\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (iTunes Application Detector) - D:\Programme (x99)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default [2016-10-20]
CHR Extension: (Snap.Do ) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl [2013-11-06]
CHR Extension: (AdBlock) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (Mein Chrome-Design) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2015-08-26]
CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
CHR HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Alexander\AppData\Local\Smartbar/Application\1Extension.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx <nicht gefunden>
StartMenuInternet: Google Chrome.653N5RDONOFFB7P4LY2BNY2ID4 - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1086040 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-01] ()
S3 celavimushost; D:\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-08-14] (altPUG LLC)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Programme (x99)\x64\hamachi-2.exe [2621448 2016-09-13] (LogMeIn Inc.)
R2 IntSch2Svc; C:\Program Files (x86)\Common Files\Intel\Schedule2\schedul2.exe [1165200 2010-11-19] (Intel)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x99)\Origin\OriginClientService.exe [2130440 2016-09-11] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x99)\Origin\OriginWebHelperService.exe [2195984 2016-09-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-20] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESEADriver2; C:\Users\Alexander\AppData\Local\Temp\ESEADriver2.sys [316768 2016-01-12] ()
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2012-01-24] (Turtle Entertainment GmbH)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [34944 2011-09-16] (SteelSeries Corporation)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 WPS; \??\C:\Windows\system32\drivers\wpsdrvnt.sys [X]
S3 WpsHelper; \??\C:\Windows\system32\drivers\WpsHelper.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-20 16:30 - 2016-10-20 16:30 - 00035117 _____ C:\Users\Alexander\Downloads\FRST.txt
2016-10-20 16:29 - 2016-10-20 16:30 - 00000000 ____D C:\FRST
2016-10-20 16:29 - 2016-10-20 16:29 - 02407424 _____ (Farbar) C:\Users\Alexander\Downloads\FRST64.exe
2016-10-20 13:28 - 2016-10-20 13:28 - 00000588 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-10-20 13:28 - 2016-10-20 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-20 13:27 - 2016-10-20 13:27 - 01474568 _____ C:\Users\Alexander\Downloads\Revo Uninstaller - CHIP-Installer.exe
2016-10-12 13:00 - 2016-09-30 22:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 13:00 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 13:00 - 2016-09-30 17:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 13:00 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-12 13:00 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-12 13:00 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 13:00 - 2016-09-30 08:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-12 13:00 - 2016-09-30 08:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 13:00 - 2016-09-30 08:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-12 13:00 - 2016-09-30 08:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-12 13:00 - 2016-09-30 08:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-12 13:00 - 2016-09-30 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-12 13:00 - 2016-09-30 08:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-12 13:00 - 2016-09-30 08:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-12 13:00 - 2016-09-30 08:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-12 13:00 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 13:00 - 2016-09-30 08:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-12 13:00 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 13:00 - 2016-09-30 08:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 13:00 - 2016-09-30 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-12 13:00 - 2016-09-30 07:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 13:00 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-12 13:00 - 2016-09-30 07:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-12 13:00 - 2016-09-30 07:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-12 13:00 - 2016-09-30 07:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-12 13:00 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 13:00 - 2016-09-30 07:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-12 13:00 - 2016-09-30 07:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-12 13:00 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-12 13:00 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-12 13:00 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 13:00 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-12 13:00 - 2016-09-30 07:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-12 13:00 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-12 13:00 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 13:00 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-12 13:00 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 13:00 - 2016-09-30 07:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-12 13:00 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-12 13:00 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 13:00 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-12 13:00 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-12 13:00 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 13:00 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-12 13:00 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-12 13:00 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-12 13:00 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-12 13:00 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 13:00 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 13:00 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 13:00 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 13:00 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 13:00 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 13:00 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 13:00 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 13:00 - 2016-09-15 17:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 13:00 - 2016-09-15 17:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-12 13:00 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 13:00 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-12 13:00 - 2016-09-12 23:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-12 13:00 - 2016-09-12 23:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-12 13:00 - 2016-09-12 23:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-12 13:00 - 2016-09-12 22:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-12 13:00 - 2016-09-12 22:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-12 13:00 - 2016-09-12 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-12 13:00 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-12 13:00 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-12 13:00 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 13:00 - 2016-09-12 20:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 13:00 - 2016-09-12 20:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 13:00 - 2016-09-10 18:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 13:00 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 13:00 - 2016-09-09 20:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 13:00 - 2016-09-09 20:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 13:00 - 2016-09-09 20:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 13:00 - 2016-09-09 19:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-12 13:00 - 2016-09-09 19:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 13:00 - 2016-09-09 19:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-12 13:00 - 2016-09-09 19:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-12 13:00 - 2016-09-09 19:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-12 13:00 - 2016-09-09 19:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-12 13:00 - 2016-09-09 19:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 13:00 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 13:00 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 13:00 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 13:00 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 13:00 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 13:00 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 13:00 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 13:00 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 13:00 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 13:00 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 13:00 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 13:00 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 13:00 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 13:00 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 13:00 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 13:00 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 13:00 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 13:00 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 13:00 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 13:00 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 13:00 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 13:00 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 13:00 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 13:00 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 13:00 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 13:00 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 12:59 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 12:59 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-12 12:59 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 12:59 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 12:59 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-12 12:59 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-12 12:59 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-10 22:57 - 2016-10-10 22:57 - 00000590 _____ C:\Users\Public\Desktop\Mz RAM Booster.lnk
2016-10-10 22:57 - 2016-10-10 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools
2016-10-10 22:56 - 2016-10-10 22:56 - 01474568 _____ C:\Users\Alexander\Downloads\Mz RAM Booster - CHIP-Installer.exe
2016-10-10 22:24 - 2016-10-10 22:25 - 00000000 ____D C:\Users\Alexander\Desktop\Fix it
2016-10-10 22:23 - 2016-10-10 22:24 - 15549025 _____ C:\Users\Alexander\Downloads\Microsoft_Fix-it-Paket.zip
2016-10-10 22:19 - 2016-10-10 22:19 - 00000025 _____ C:\Users\Alexander\Desktop\skript.vbs
2016-10-10 19:28 - 2016-10-10 19:28 - 00000000 ____D C:\Windows\Symbols
2016-10-10 19:06 - 2016-10-10 19:06 - 00000000 ____D C:\Crash
2016-10-10 19:02 - 2016-10-10 19:05 - 00000000 ____D C:\Users\Alexander\AppData\LocalLow\Daybreak Game Company
2016-10-10 19:02 - 2016-10-10 19:02 - 00000000 ____D C:\Users\Alexander\AppData\Local\SCE
2016-10-10 19:02 - 2016-10-10 19:02 - 00000000 ____D C:\Users\Alexander\AppData\Local\Daybreak Game Company
2016-10-10 15:57 - 2016-10-10 15:57 - 00000202 _____ C:\Users\Alexander\Desktop\H1Z1 King of the Kill.url
2016-10-10 07:56 - 2016-10-10 07:56 - 00000000 ____D C:\Users\Alexander\Documents\mods
2016-10-10 07:55 - 2016-10-10 07:55 - 00000000 ____D C:\Users\Alexander\Documents\ArmA 2 Other Profiles
2016-10-10 07:55 - 2016-10-10 07:55 - 00000000 ____D C:\Users\Alexander\Documents\ArmA 2
2016-10-10 07:54 - 2016-10-10 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DZLauncher
2016-10-10 07:53 - 2016-10-10 07:54 - 13927528 _____ (Maca134 ) C:\Users\Alexander\Downloads\setup_dzlauncher.exe
2016-10-10 05:34 - 2016-10-10 05:34 - 02932736 _____ C:\Users\Alexander\Downloads\Dotjosh.DayZCommander.Installer.msi
2016-10-09 15:14 - 2016-10-09 15:14 - 00000000 ____D C:\Users\Alexander\Desktop\runtime
2016-10-09 15:12 - 2016-10-13 01:52 - 00001093 _____ C:\Users\Alexander\Desktop\nativelog.txt
2016-10-09 15:12 - 2016-10-09 15:15 - 00000000 ____D C:\Users\Alexander\Desktop\game
2016-10-05 13:42 - 2016-10-05 13:42 - 00031720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-10-05 13:42 - 2016-10-05 13:42 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk
2016-10-05 13:42 - 2016-10-05 13:42 - 00002124 _____ C:\Users\Alexander\Desktop\Knuddels.lnk
2016-10-05 13:40 - 2016-10-06 11:24 - 00000000 ____D C:\Users\Alexander\Knuddels-Stapp
2016-10-05 13:40 - 2016-10-05 13:40 - 01994832 _____ C:\Users\Alexander\Downloads\KnuddelsSetup.WI4AY3V.exe
2016-09-24 16:35 - 2016-09-24 16:37 - 65436582 _____ C:\Users\Alexander\Downloads\61e1cd4c-bedd-4b6e-9bcb-676a090232d6.dem.gz
2016-09-21 13:32 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-09-21 13:32 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-09-20 22:36 - 2016-09-20 22:37 - 00000000 ____D C:\Users\Alexander\AppData\Local\{E52056D3-4414-458E-920C-93D02098D5F6}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-20 16:17 - 2011-12-25 01:53 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\TS3Client
2016-10-20 16:04 - 2012-08-23 16:17 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA.job
2016-10-20 15:55 - 2012-10-29 13:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-20 15:46 - 2012-03-31 12:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-20 13:36 - 2012-05-16 17:34 - 00000000 ____D C:\Users\Alexander\AppData\Local\LogMeIn Hamachi
2016-10-20 13:27 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-20 13:27 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-20 13:25 - 2011-09-21 08:15 - 00702980 _____ C:\Windows\system32\perfh007.dat
2016-10-20 13:25 - 2011-09-21 08:15 - 00150620 _____ C:\Windows\system32\perfc007.dat
2016-10-20 13:25 - 2009-07-14 07:13 - 01629508 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-20 13:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-20 13:19 - 2011-12-24 23:27 - 00000000 ____D C:\ProgramData\clear.fi
2016-10-20 13:18 - 2013-10-03 16:09 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-20 13:18 - 2012-10-29 13:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-20 13:18 - 2011-09-23 13:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-20 13:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-19 23:04 - 2012-08-23 16:17 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core.job
2016-10-15 21:25 - 2012-08-30 23:27 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Spotify
2016-10-15 13:20 - 2012-08-30 23:28 - 00000000 ____D C:\Users\Alexander\AppData\Local\Spotify
2016-10-12 22:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-12 20:04 - 2011-12-29 15:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\ElevatedDiagnostics
2016-10-12 17:34 - 2016-08-18 13:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 16:57 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-12 16:56 - 2009-07-14 06:45 - 04994848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 16:55 - 2014-12-12 14:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 16:55 - 2014-05-06 22:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 14:43 - 2013-08-14 15:45 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 14:37 - 2013-03-13 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 14:37 - 2012-01-07 10:58 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 14:36 - 2013-03-13 18:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 14:36 - 2013-03-13 18:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 22:46 - 2012-03-31 12:12 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 22:46 - 2012-03-31 12:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 22:46 - 2012-01-03 01:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 22:46 - 2012-01-03 01:31 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 22:46 - 2011-03-16 15:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-10 22:26 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-10-10 21:40 - 2012-10-06 13:02 - 00000000 ____D C:\ProgramData\Origin
2016-10-10 21:40 - 2011-12-24 20:40 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Skype
2016-10-10 19:02 - 2013-11-06 17:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-05 13:42 - 2013-08-05 22:29 - 00177432 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-10-05 13:42 - 2013-08-05 22:29 - 00145536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-10-05 13:42 - 2013-08-05 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-05 13:40 - 2011-12-24 20:31 - 00000000 ____D C:\Users\Alexander
2016-10-01 15:06 - 2012-08-29 13:52 - 00002396 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-24 11:05 - 2012-10-06 13:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-02-19 14:09 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2012-02-22 21:10 - 2012-02-22 21:10 - 0003584 _____ () C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-23 14:07 - 2011-09-23 14:09 - 0014802 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-03-16 15:08 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Einige Dateien in TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\4c0dbd791b8647ba9e70b8dd39a82ff4Delay.exe
C:\Users\Alexander\AppData\Local\Temp\833bb724e3044ac386c2df6bfa6c00b1Delay.exe
C:\Users\Alexander\AppData\Local\Temp\AskSLib.dll
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\BetterInstaller.exe
C:\Users\Alexander\AppData\Local\Temp\CheatEngine62Clean.exe
C:\Users\Alexander\AppData\Local\Temp\conduitinstaller.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.0.7335-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.1.7342-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.1.7351-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.13.0.7366-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.13.0.7376-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.0.7387-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.1.7394-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.2.7403-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.0.7430-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.1.7442-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.2.7446-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.3.7454-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.7977-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.8001-x64.exe
C:\Users\Alexander\AppData\Local\Temp\ffunzip.exe
C:\Users\Alexander\AppData\Local\Temp\IminentSetup.exe
C:\Users\Alexander\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-106548609565982174.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-2429374730397241312.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-3343832147921101711.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-4549616038957866713.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Alexander\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u3-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\libyuv.dll
C:\Users\Alexander\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alexander\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alexander\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alexander\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alexander\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Alexander\AppData\Local\Temp\nvStInst.exe
C:\Users\Alexander\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Alexander\AppData\Local\Temp\opus.dll
C:\Users\Alexander\AppData\Local\Temp\opusJNI.dll
C:\Users\Alexander\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alexander\AppData\Local\Temp\somoto-master.exe
C:\Users\Alexander\AppData\Local\Temp\sonarinst.exe
C:\Users\Alexander\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Alexander\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Alexander\AppData\Local\Temp\tbHots.dll
C:\Users\Alexander\AppData\Local\Temp\tmp_minecraft.exe
C:\Users\Alexander\AppData\Local\Temp\vpx.dll
C:\Users\Alexander\AppData\Local\Temp\vpxJNI.dll
C:\Users\Alexander\AppData\Local\Temp\wajam_install.exe
C:\Users\Alexander\AppData\Local\Temp\Winject.exe
C:\Users\Alexander\AppData\Local\Temp\x2blapi.dll
C:\Users\Alexander\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-15 00:48

==================== Ende von FRST.txt ============================

--- --- ---

crtys · 20.10.2016, 15:33

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von Alexander (20-10-2016 16:30:54)
Gestartet von C:\Users\Alexander\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-24 18:31:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3003065676-2518410820-2162268670-500 - Administrator - Disabled)
Alexander (S-1-5-21-3003065676-2518410820-2162268670-1000 - Administrator - Enabled) => C:\Users\Alexander
Gast (S-1-5-21-3003065676-2518410820-2162268670-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1912 Titanic Mystery (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117897550}) (Version:  - Oberon Media)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{C97623E2-0614-4845-B199-8E8BEC8E131C}_is1) (Version: 6.1.0.40497 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.14.1.0 - Ask.com) <==== ACHTUNG
Ask Toolbar Updater (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ACHTUNG
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.22.54 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
CheatEngine DB Toolbar Toolbar (HKLM-x32\...\CheatEngine DB Toolbar Toolbar) (Version:  - )
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3009 - Acer Incorporated)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Craften Terminal 4.2.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2.1 - Craften.de)
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ACHTUNG
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB)
DZLauncher version 0.1.4.2 (HKLM-x32\...\{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.4.2 - Maca134)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ESEA Client (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Farm Frenzy 3 Ice Age (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118399487}) (Version:  - Oberon Media)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
IconPackager (HKLM-x32\...\IconPackager) (Version:  - Stardock Corporation)
IconPackager (x32 Version: 5.00 - Stardock Corporation) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Data Migration Software powered by Acronis (HKLM-x32\...\{BFFC2681-5F7C-45BC-981A-277A29332678}) (Version: 13.0.14134 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Java(TM) SE Development Kit 7 Update 2 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 SDK (HKLM-x32\...\{2222706F-666A-4037-7777-202328764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
Knuddels Standalone App (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ACHTUNG
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Laguna (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM-x32\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSConfig CleanUp 1.2 (HKLM-x32\...\MSConfig CleanUp_is1) (Version:  - Virtuoza)
MSI Afterburner 2.2.0 (HKLM-x32\...\Afterburner) (Version: 2.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Mz RAM Booster (HKLM\...\MzRAMBooster_is1) (Version: 4.1.0 - Mz RAM Booster)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Play withSIX (HKLM-x32\...\{42DCB650-F003-4535-A5CD-32AD815CD2DD}) (Version: 1.20.0344 - SIX Networks)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Razer BlackWidow (HKLM-x32\...\{53744FB0-7D1E-4572-B544-C230E6D23E2C}) (Version: 1.04.04 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Spotify) (Version: 1.0.38.171.g5e1cd7b2 - Spotify AB)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.2.927.31327 - SteelSeries)
Stellar Phoenix Windows Data Recovery-Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery-Home_is1) (Version: 4.2.0.0 - Stellar Information Systems Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version:  - Bad Ass Apps)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Universal AntiCheat 3 v1.072 R3 (HKLM-x32\...\{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1) (Version:  - DExUS)
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (HKLM-x32\...\{7BA6DF02-B094-45D7-A3C9-BE3684253922}) (Version: 15.4.5722.2 - Microsoft Corporation)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VpnOneClick (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\31dfee6c296bca85) (Version: 1.3.6.24 - VpnOneClick)
Wajam (HKLM-x32\...\Wajam) (Version: 2.12 (i2.5) - Wajam) <==== ACHTUNG
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
yEd Graph Editor 3.14.4 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.14.4 - yWorks GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16F4BBB4-39E0-4DD8-883E-61467B147AEB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3003065676-2518410820-2162268670-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1B900859-F11D-4246-B98C-A54810DB5489} - System32\Tasks\AdobeAAMUpdater-1.0-Alexander-PC-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3203BBB3-1EFF-4E9E-B303-604E09D7038F} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {4AB4A481-174D-405F-B578-2FDF0C5902F5} - System32\Tasks\{E7B81D0D-774C-4507-84ED-5DA5448C07B6} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WO1AUIO2\jre-6u30-windows-i586-iftw[1].exe" -d C:\Users\Alexander\Desktop
Task: {524FB229-EBF5-40B9-BA03-6BA552231B1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {54B9C276-7539-46B7-B8D2-27ED9C667F9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {592D4BD6-EAB6-46A6-8269-423B011DBAEA} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ACHTUNG
Task: {61CB2EAB-96FA-4373-B8E2-D11C9724546D} - System32\Tasks\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44} => pcalua.exe -a C:\Users\Alexander\AppData\Local\Temp\Shortcut_SweetImSetup.exe -d C:\Users\Alexander\Desktop -c -Shortcut <==== ACHTUNG
Task: {67E42748-3E0B-4A99-8C48-98C195759440} - System32\Tasks\{F600150F-FA83-4A5F-BE04-243E7C929453} => pcalua.exe -a "C:\Program Files (x86)\Fotosizer\uninst.exe"
Task: {74530036-F69C-4315-891A-52E95BDED6B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {763D3510-53C1-48BD-9EF6-577CB49B9441} - System32\Tasks\{F9EBEBC8-165C-481D-99D4-90045C9C3FB6} => pcalua.exe -a C:\Users\Alexander\Desktop\ARMA2_Build_86734.exe -d C:\Users\Alexander\Desktop
Task: {7CEAD4D2-F4FD-461B-96A1-DB20C916C281} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-11] (Adobe Systems Incorporated)
Task: {84096150-E3A6-4AD1-B694-41E89E7DEF82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {90E25BE0-B2CB-47F7-A786-07F865F5341C} - System32\Tasks\{2608C157-E628-4F04-B02B-C8DC063F47B7} => pcalua.exe -a C:\Users\Alexander\Desktop\A2CO_ACR_LITE.exe -d C:\Users\Alexander\Desktop
Task: {AAB68693-DF4C-42B6-A894-D023E4347C47} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {B51BCF7E-3D06-4E36-8123-BC41739A67D4} - System32\Tasks\{64C53681-7780-46F6-B4A1-20AC5A97A5F6} => pcalua.exe -a C:\Users\Alexander\Downloads\InstallIW4M(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BC813FD6-0CAB-4ED8-8562-B7FBF08B59B1} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {C79E3D4B-BB61-4BB9-B36A-26066A1B8EA7} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {E18D0AA6-5454-4173-B31D-55B64BA65DF1} - System32\Tasks\{4A9743DD-802B-4DF1-8309-1BEA3B7AE4BE} => pcalua.exe -a C:\Users\Alexander\Desktop\Alex\Minecraft\mod\INSTALLER.exe -d C:\Users\Alexander\Desktop\Alex\Minecraft\mod
Task: {E74D1750-6404-4BB5-9D76-B98EE20F620A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3003065676-2518410820-2162268670-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB17DD3E-F992-4B92-A902-B7B576F241AF} - System32\Tasks\{551CFA7D-1A19-4491-A480-2EF61F761D80} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BUNQY0K\wmp11-windowsxp-x86-DE-DE.exe" -d C:\Users\Alexander\Desktop
Task: {FDE6C85B-EAFE-44F9-B2EA-687D8FCE77F5} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-05-18 21:38 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00231424 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
2012-04-05 11:11 - 2012-04-05 11:11 - 00540672 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2012-04-18 20:37 - 2012-04-18 20:37 - 00089915 _____ () C:\Users\Alexander\AppData\Local\Temp\3d0a1899-e862-43d1-b9db-9650cceb2a80\CliSecureRT64.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 07436800 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00229888 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00138240 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00135680 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Logger.dll
2011-09-30 19:23 - 2011-09-30 19:23 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00147968 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2010-04-18 12:32 - 2010-04-18 12:32 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00346624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00168960 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2012-04-05 11:11 - 2012-04-05 11:11 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2011-01-19 03:08 - 2011-01-19 03:08 - 00620136 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2010-11-19 11:35 - 2010-11-19 11:35 - 02639552 _____ () C:\Program Files (x86)\Intel\DataMigrationSoftware\DataMigrationSoftwareMonitor.exe
2012-05-02 13:55 - 2013-03-20 16:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2013-03-12 18:10 - 2016-09-08 05:14 - 00784672 _____ () D:\Steam\SDL2.dll
2015-01-21 15:01 - 2016-09-01 03:02 - 04969248 _____ () D:\Steam\v8.dll
2015-01-21 15:01 - 2016-09-01 03:02 - 01563936 _____ () D:\Steam\icui18n.dll
2015-01-21 15:01 - 2016-09-01 03:02 - 01195296 _____ () D:\Steam\icuuc.dll
2014-05-21 19:54 - 2016-10-13 03:58 - 02321696 _____ () D:\Steam\video.dll
2014-08-29 11:41 - 2016-01-27 09:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2014-08-29 11:41 - 2016-01-27 09:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2014-08-29 11:41 - 2016-01-27 09:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2014-08-29 11:41 - 2016-01-27 09:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2014-08-29 11:41 - 2016-01-27 09:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2012-04-26 11:12 - 2016-10-13 03:58 - 00836896 _____ () D:\Steam\bin\chromehtml.DLL
2016-03-10 16:06 - 2016-07-05 00:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2016-10-14 17:00 - 2016-08-04 22:56 - 49825056 _____ () D:\Steam\bin\cef\cef.winxp\libcef.dll
2011-01-19 03:08 - 2011-01-19 03:08 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2010-11-19 09:56 - 2010-11-19 09:56 - 00028512 _____ () C:\Program Files (x86)\Intel\DataMigrationSoftware\Common\rpc_client.dll
2011-05-20 11:13 - 2011-05-20 11:13 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2016-05-11 22:59 - 2016-05-11 22:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-09-23 13:39 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-04 15:15 - 2016-07-24 15:32 - 00149272 _____ () C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\quazip.dll
2012-01-20 14:27 - 2016-07-24 15:32 - 00089880 _____ () C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2012-01-20 14:27 - 2016-07-24 15:32 - 00103192 _____ () C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2012-01-20 14:27 - 2016-07-24 15:32 - 00259352 _____ () C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-22 19:13 - 2016-07-24 15:32 - 00373016 _____ () C:\Users\Alexander\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-10-01 15:06 - 2016-09-25 05:47 - 01805416 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-01 15:06 - 2016-09-25 05:47 - 00093288 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [118]
AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [129]
AlternateDataStreams: C:\ProgramData\Temp:C3AE45C9 [236]
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [129]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\regfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 59.ico,0 <===== ACHTUNG
HKLM\...\batfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 52.ico,0 <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: iTunesHelper => "D:\Programme (x99)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Programme (x99)\hamachi-2-ui.exe" --auto-start

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{11B37EE8-722D-45C2-A13F-861082A7D288}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5DCDB6D6-979E-42D7-811B-50E35607523B}] => (Allow) LPort=2869
FirewallRules: [{84D2A64A-DBB7-4E09-9DD0-A9830C6821B3}] => (Allow) LPort=1900
FirewallRules: [{1F2D7344-0165-45BB-921F-3811E810F9C3}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{08454C0D-24D8-42DC-9448-A6FCE23C087B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{E47852FB-BE70-4FFD-B4E6-831A35AA5FE1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{5D2A53C0-FBA4-49D4-A651-973168DF209B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{0FB49CBC-A0A5-4ED7-8F6F-4D692480F99B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{0A9A7DE2-E49B-4711-B09A-C759B8966499}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{E14135B9-CF38-4196-9F49-0B9A9D5A0530}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{F6910992-68E9-4EE9-A3D7-FDA37105C208}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{C7B6C3C2-935D-4E7B-84D6-7F457B0AB577}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [TCP Query User{2639F414-6097-4275-A11B-A6B19AB91444}C:\users\alexander\downloads\aiw-client\iw4mp.exe] => (Allow) C:\users\alexander\downloads\aiw-client\iw4mp.exe
FirewallRules: [UDP Query User{A1F3085E-699D-4613-B8C8-E8A220E9C266}C:\users\alexander\downloads\aiw-client\iw4mp.exe] => (Allow) C:\users\alexander\downloads\aiw-client\iw4mp.exe
FirewallRules: [{A3C80165-34BE-49BE-9F96-7DE8F5EB6FA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BE4ABCF0-F475-427B-AA08-1C74183149CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93D9BF25-6372-4C2B-905B-AA1B580CC085}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05C8D030-B884-4F28-912C-1F66C5F56877}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{250AD765-5378-4777-9761-B67E1C80CDDA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3A3541D-B49F-4F4F-990B-FD3218CC4DBF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38F67701-EFB5-451D-9F3D-4B62968899F8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{62863EC2-781C-4BC0-B284-D96A3CE567CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{87701C54-6956-4DEC-AB29-2ABDD153E298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{99C43397-2A1D-45BD-8A33-DF9FED8640CB}] => (Allow) C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K2QSK8CH\crossfire_downloader.exe
FirewallRules: [{A88A688B-0632-4626-AACB-6B3C5995BB4B}] => (Allow) C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K2QSK8CH\crossfire_downloader.exe
FirewallRules: [TCP Query User{21E3C54B-2D8A-4311-8604-9DEBE6C5A601}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe
FirewallRules: [UDP Query User{720A90DA-E868-4AB0-ACA3-BF9F40683E0B}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe
FirewallRules: [TCP Query User{B52B6B45-9065-4489-ACA4-82E0C38BB99F}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [UDP Query User{44DD3608-6BDF-44D4-B40A-C8767209AAE6}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [TCP Query User{D6697613-2E88-4B57-95C7-6AF1B171D011}C:\users\alexander\desktop\alteriwnet\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [UDP Query User{02980F90-6D1C-4A3E-AA6B-C9E8B4EC2FCA}C:\users\alexander\desktop\alteriwnet\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{CFA4A440-EDB1-49DD-8C06-2EE3E2F855EF}] => (Block) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{888DAEE4-3683-4241-B70E-D4E2557C5B9B}] => (Block) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{68D529C6-DBC7-4BA0-8D81-3DD4EEA4E95B}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{B228FB4C-A75B-4C2B-B945-9DA8CEFA6E0E}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{6E69BA96-2073-41C4-9FB5-B30EB3EA6169}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{8ACBD037-0D8E-4BAD-B211-DA70443B0FDA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{4B10E267-9A3F-4F94-AB69-E7931B1184E7}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{EE94E8F3-C3F4-438D-A7CA-176D155B9FEE}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{B1030E1B-1715-4F21-A72F-D3F2754E6A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [{C6E7E5E1-72C5-47B7-A846-709EC2BCDF05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [{3CECB255-48E7-4740-856B-89352EC6AAC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{741014AF-5B42-44BC-84F6-0B839E9D860E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{6CC0F9D0-2497-4598-BEFE-1647E58D05CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{768230ED-C9E8-43C7-AA0C-32CD4F709DF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{28E0D2CA-66B3-41F0-A18F-418CB3BAD019}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{078CF807-36C5-41AD-8528-CC461347BFBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{5402083D-9F7C-4094-AABE-5E31937ABFFF}] => (Allow) D:\Programme\Steam.exe
FirewallRules: [{68B67299-1E5A-4C64-BF4B-871E2C81332F}] => (Allow) D:\Programme\Steam.exe
FirewallRules: [{5588B6AE-8EE6-4981-BCB2-D7CA3A1873E2}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{BAB1AF33-BA7A-4C99-B8CF-891201F17893}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{43AC3671-2617-4198-B471-EB8AB698D3EB}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{7012D4B8-201C-42B6-B03F-1D3770A0B1CA}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{70B6EECC-4019-4CB3-950C-26158FE227F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{D8AFCDB5-BFB7-448C-9B1D-C052987957B0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{534563B6-4DF7-434C-AAC4-793DA2D60777}] => (Allow) D:\Programme2\ACBMP.exe
FirewallRules: [{04BFBF78-F2D6-4DC2-8103-D129E7A8B19C}] => (Allow) D:\Programme2\ACBMP.exe
FirewallRules: [TCP Query User{9D890753-B05F-413E-B5BA-DFE19C05E371}C:\users\alexander\desktop\alex\alles\client\metin2client.bin] => (Block) C:\users\alexander\desktop\alex\alles\client\metin2client.bin
FirewallRules: [UDP Query User{FD0AB0AD-E6D4-415D-A8F5-A88165FFCBAC}C:\users\alexander\desktop\alex\alles\client\metin2client.bin] => (Block) C:\users\alexander\desktop\alex\alles\client\metin2client.bin
FirewallRules: [TCP Query User{5C30104A-7173-44D6-AF29-503CB087A3CB}D:\metin2\metin2client.bin] => (Allow) D:\metin2\metin2client.bin
FirewallRules: [UDP Query User{B3D9DD47-E053-4202-9B78-D62F43613F31}D:\metin2\metin2client.bin] => (Allow) D:\metin2\metin2client.bin
FirewallRules: [TCP Query User{7376956B-D8B0-4B26-838A-EC0566745C17}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [UDP Query User{E7B32F09-8043-4C91-B7FD-2E2998B3FDFD}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [TCP Query User{94241255-E9C5-4802-BD75-5F1B4A661D11}D:\steam\steamapps\xicefac\counter-strike source\hl2.exe] => (Allow) D:\steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{E4C2D444-76E5-4390-832F-D432673D22C4}D:\steam\steamapps\xicefac\counter-strike source\hl2.exe] => (Allow) D:\steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{79629F07-24ED-4576-A9CD-28A7AB243D60}C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe] => (Allow) C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe
FirewallRules: [UDP Query User{4F5C4894-9318-4ADA-90B5-9467F0417DB5}C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe] => (Allow) C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe
FirewallRules: [TCP Query User{CF26E399-0322-4458-844A-2AB1912E63C5}D:\ac brotherhood\acbsp.exe] => (Block) D:\ac brotherhood\acbsp.exe
FirewallRules: [UDP Query User{41916CC5-7B4A-4D96-8182-3C8D9B557B0A}D:\ac brotherhood\acbsp.exe] => (Block) D:\ac brotherhood\acbsp.exe
FirewallRules: [TCP Query User{452CC1AC-03E5-4324-B07F-D3017B501722}D:\ac brotherhood\acbmp.exe] => (Block) D:\ac brotherhood\acbmp.exe
FirewallRules: [UDP Query User{D1ACE826-B119-4B7A-89F1-D3EE75D0B70D}D:\ac brotherhood\acbmp.exe] => (Block) D:\ac brotherhood\acbmp.exe
FirewallRules: [{A66982B2-3A6F-4DE2-A60B-EF0DF46917E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{13E66A56-E0E0-4ADD-BF95-FBC4F1636FD7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{EDC2A62B-4D04-4447-90E8-3A2C4AD625A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{806B8396-1312-48CC-BE8A-1CA19C67753B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{EB446500-8CFE-4756-94EB-0AEEA092D8C9}] => (Allow) D:\Diablo 3\Diablo III\Diablo III.exe
FirewallRules: [{6F254EB4-F1B9-4FD8-ACC3-1E629729A5CE}] => (Allow) D:\Diablo 3\Diablo III\Diablo III.exe
FirewallRules: [{0EC3F332-7B28-4F52-B2E8-593E997A0FA0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3DE41F0A-DA6B-489E-8EEE-5CDC64FA9ADC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{F33C8FF8-519B-46CD-ACA7-EA48CC0E1424}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [TCP Query User{20CF77C0-70FC-4843-A220-8A2A52F25511}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{240944AD-B0BA-4EC8-A869-B7C7CD69990E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{D762CDF3-F9B5-4735-8B48-88323F223DC7}] => (Allow) C:\Users\Alexander\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A07FE029-7065-47D7-87CD-5B995B236053}] => (Allow) C:\Users\Alexander\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{3BA88FB7-8F2A-4D99-8987-181B967149C6}C:\users\alexander\appdata\local\iw4m\iw4m.dat] => (Allow) C:\users\alexander\appdata\local\iw4m\iw4m.dat
FirewallRules: [UDP Query User{629FEDEB-CC22-4E3D-9761-D7FE8FF0354C}C:\users\alexander\appdata\local\iw4m\iw4m.dat] => (Allow) C:\users\alexander\appdata\local\iw4m\iw4m.dat
FirewallRules: [{278B8092-A57F-4BB3-B085-74C0B2D6A746}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{A7C23C0C-6DF3-4EDD-AD13-967BCF689D6D}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{D9C9541C-3949-4375-B9EE-4421CB1D2FF1}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{BEA37671-A113-451A-BA05-42CC8E034BFA}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{6309D003-1583-45A6-8FC2-F1A6EC1CCBCB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{C7349C5F-BBD2-4353-9E64-E75346B43B0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{9EFDF5EF-6558-43AB-A13F-1B772F969C19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2427B07F-9857-4639-9A87-E32D964434FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{82780407-CDDC-43F3-AEE0-A361E878EAA2}] => (Allow) D:\Steam\SteamApps\common\Hearts of Iron 3\hoi3game.exe
FirewallRules: [{11F9D909-C586-4BBB-9334-A5384ED14F86}] => (Allow) D:\Steam\SteamApps\common\Hearts of Iron 3\hoi3game.exe
FirewallRules: [{F9B1E56D-5E5D-4686-890C-96950B585983}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{572AE503-7ABD-4082-8CDA-7B0E00118983}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9779655B-4BB3-4803-BA87-30FB9BDDE507}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{09D8CD44-15DD-49AD-BA81-42BC6DB85B9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{840971A2-2E17-444A-AC4D-9B607AE80AA2}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{2CC0A5F8-5F5A-448A-B6EF-6937DF37B790}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{016B7506-1A2A-46BC-8A64-2DA361A69D43}D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{E987A6D1-B8A6-4376-B506-77343DEF930E}D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [{4F6201E8-7F3E-4DE4-A932-955426AAE704}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{3C2D8378-4718-4A50-9CB4-335859AB1211}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [TCP Query User{EF961A84-4B92-419F-B0B7-494ED46A2327}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{7B370C56-195E-4E11-B90B-8AAB436B0E0B}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{1320D23D-35BC-4579-9150-BCC1866B17F2}D:\programme (x99)\world_of_tanks\wotlauncher.exe] => (Allow) D:\programme (x99)\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{38CE596B-E1C9-4533-844F-E04B309D71E5}D:\programme (x99)\world_of_tanks\wotlauncher.exe] => (Allow) D:\programme (x99)\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{312C8FDA-AB39-4C9C-9613-9EF33F804785}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{93C8C97F-221F-4532-A6A9-20ADC0DC0386}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C7E0431E-3C23-4335-BD42-63B43B3D914B}D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{2F0EC599-B195-43B7-87FD-EF09E0E8DA9F}D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [{848FBB67-D08A-40FC-96D0-96E4326DA2CD}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [{A15A89C2-E103-4F02-A72B-AA92A15A107D}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [TCP Query User{E4720107-7120-4CA8-AA68-391DDEC38F59}D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{5E572369-B369-4E35-831A-80643B2D7189}D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{1E56AB9A-48ED-4324-996F-B5292571B787}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2.exe
FirewallRules: [{8185073F-A686-4567-933D-EFE64727E7A6}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2.exe
FirewallRules: [{982F9DB2-2D26-43DC-87F4-0E2664EE99C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{0B6C45E3-FA18-4801-933B-651E9009D0AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{21417770-763A-46F7-8A8E-CEAA18D47305}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\System\ArcticCombat.exe
FirewallRules: [{9B768081-A495-4B84-9E47-AD998E96545B}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\System\ArcticCombat.exe
FirewallRules: [{74CDEED9-27BC-435E-AEAC-AADEBD228A1A}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2OA.exe
FirewallRules: [{875E914B-3845-496D-85BF-84FA6C732001}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2OA.exe
FirewallRules: [{54AE7469-1944-415C-A115-BCA1DCC2DB1A}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{295955CA-E7DC-4DA3-9837-913B388283B4}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [TCP Query User{099605B3-3FC0-4212-BD26-83D3F87DB310}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{EB0AF3F7-5BB7-4453-A24A-6481C7F818AF}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{7AB50D9E-6FB2-4A61-AE85-37A1DCDF9C3B}] => (Allow) fifa.exe
FirewallRules: [{D6A828C5-AED2-43B3-9518-E2C6C6EC7020}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{F347A783-6AA6-4ADA-A6A0-FF2B1ABCFDDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{820E099B-948E-427E-BEFD-B0EB7B15D283}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{194923B8-CEC0-4579-BEDC-5BCCBE03ACD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{A14A7EDC-BE9E-48C3-BB73-84D8BCB17B21}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{81E40875-F9BC-43B8-BE94-079165990173}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{CB0DBF1F-F785-45C9-ADC0-B4DF2598CD17}C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe] => (Allow) C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe
FirewallRules: [UDP Query User{E4E5FA7E-20C4-4ECB-A6C3-1C5F8597A595}C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe] => (Allow) C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe
FirewallRules: [{D7434D54-4C0C-45B3-8A18-9C77AC40497E}] => (Allow) D:\Programme (x99)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{EF25DEC2-7552-4B9C-B8B0-C06EFE83498A}] => (Allow) D:\Programme (x99)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{F0AD11D0-E78D-4D9F-956B-5443D0DE9CE1}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{88D81FE2-6E69-4C94-AE8C-83906B471C45}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{921DAA95-C337-4130-9059-1F7C14D51A91}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E06E2A82-C34C-44B7-9B39-468390561965}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{55DA2052-9739-4C1C-92B1-ACDF89605D3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4FBA0A98-1ABF-49BC-8540-854FEADF2889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6E360B78-9EF9-4611-8E39-B0BF592E4F2D}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe
FirewallRules: [{72372A08-02FB-413F-BBB6-23E09210A7B0}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe
FirewallRules: [{00FDB5DB-FE2F-459D-9050-2EEB190D7CA9}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{42EB7755-743B-4552-9217-87C739169C2F}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E0222DFB-66AF-43B4-BCEE-BBE03B78F34C}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{5475C8CE-DA00-4B90-9164-E9F6A2E49E7E}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{5CA43B98-28E7-4265-9263-AAE4E69A410B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{E27741F2-E1CA-4992-821D-EDFDDCE9B2B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{A64E4B60-9D01-4914-9916-06D868E492FF}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{805ADEC0-8575-4DCA-919D-63858B974987}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{DDD0FE48-22FC-494A-ABE8-9A6B4D123BF0}D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [UDP Query User{E345C5F3-A646-4A69-BFF0-78AAF493CE14}D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [TCP Query User{A9C0B9D4-B10F-4D80-8230-0DBD85639F53}C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe] => (Block) C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{0CB53001-E326-4FD2-98CE-5ADA8AF5DF1B}C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe] => (Block) C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{96970053-3D6D-4114-A4AE-BC0B821B353A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{7BDB3637-C400-4C5C-B4F1-874C67B6BE0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{91B5B8BA-E5F9-4386-BFBD-35F922D43933}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9A0ECD9-7ED8-480F-80F1-5892B5E7195A}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1CDC86F9-1356-4E07-B1ED-93939D1BEE33}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D3C77103-08EF-44F5-A212-1165A559C965}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B59B436D-DCD6-4F26-9424-1744ED62C016}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C8F336C4-4AD9-4FB1-A3A3-2BB7FC5F7BF7}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1A00A399-8336-49F8-93F7-781410F67D98}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5FA72236-DF42-4C6D-8B06-5D636820E4D6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{252757E9-A758-4295-BBB4-F7CF34B75854}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BA82A20A-E557-4E34-A1AB-D4D64C5000EF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7F1EEA55-10DA-46A1-A826-1E1EA4B67468}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3107F490-628C-4718-906A-A09C941BF63A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{01A28543-4F7E-4EEB-8D76-C3A2242CDD3C}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7D9B3FD9-11D5-4342-8BFA-BBF267791F95}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E0BE91CF-FB8E-43DD-B322-8BAE7AAD20EA}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{47D35828-89CE-4F67-B590-64D89035A2B7}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{EADA7B16-690A-476A-B803-FA7F3C9CD9E6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B6519F2D-B925-4471-B594-D462F60E703F}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{41523347-F568-43FD-913D-D3D1D9D2EF47}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{764A027B-ADEA-4F0F-A562-7B030F815CFB}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{218C8882-AD53-4690-872F-A76132CF1F6A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3A12664B-4D8E-4B76-85AD-D05F11ED7AA2}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4624B943-0D26-4F95-B825-5D7CC86E2EB5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C9BBAB24-94AD-4C56-83BB-D74E8762ED49}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4E643594-62BE-41A3-B59F-2644A40ECD1C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4C7FF4F2-8355-495E-BC1C-26DED14E52C2}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D72017CE-6004-49E2-91AE-90B66D9E7CE6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3B0DF9B1-8EA9-45DB-AE51-D4411F1A2064}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9B8D8FD4-0775-4C10-AFFD-D50E927BF4E1}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{59583278-B152-49F0-B7FF-41A64E1443A9}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E57795CD-10C7-42D0-9EA4-39D38269B763}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F2A13349-BEA6-4D80-8B0A-B3612E180B58}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0F786D6A-88C9-4EAB-A235-BB93A68AF1F3}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{849C25E4-3DAE-4B16-8976-79770CC6B0CB}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CD4C2ECE-2F75-446E-8721-B8B9333FB90B}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{30A77D75-C658-4821-88F4-3357E8BBD45F}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3CD5C04-75F2-4023-9458-51BB5A1A41FA}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{885CC271-11CB-431F-9084-8A44CAE15195}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB94D0CC-5823-4243-842C-A91A3F3CD345}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{18C8C8EC-BA7B-47A3-A9CD-25ED63195E2A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5584E3F6-A005-4B0D-A12D-D7E154C564AA}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1D72EE50-4D09-4F5B-B6FD-5F0242D5AA18}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CBD36018-EC58-4AEE-AF79-7A0812F579E3}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DA529D03-8563-4EB5-9033-018A6BB24EAF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9F5D749E-A7FA-47C5-B68B-E3157646D320}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{12323ED7-8830-49AF-968A-7BA19F4A9322}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6E8359A1-7EAE-48AA-8B0F-4813CE97481A}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B72C798C-0D3E-49E1-889A-9607DB3C8681}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{294889F6-ABBE-4195-B481-39096FD5490A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{3063E471-ABB5-4E3D-94B4-7205FF87B1C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{7ABB6FC9-30A1-44C3-B420-2518F5BE33F7}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{F6E6EB79-249A-4C09-9FBF-6B859873E0C4}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{753C94CD-8357-4972-97DC-3C023F044C23}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{40DB2DBB-680D-46B4-87CD-F184A50AE873}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A599D328-9F97-4106-9A43-F02F5E7E773F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E579C137-B1DB-47B3-8AE2-2A45A4ADE9E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55C18A11-75F6-4006-A293-B3E0A5433786}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B037B852-6913-477E-80CE-BEADF5B33D3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12C73306-2075-47A3-9E16-BD097007DA7F}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{6A99606B-177B-4D5F-A7A0-44290444C925}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{ED770A14-271D-412C-96C3-ACB645F2C1C0}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{C9CB2DA9-5478-4677-AA1B-027A083D2C57}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{CB5C0FDC-934C-4417-B7F7-E757A0DCDC24}C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6B09DD7E-035C-4CE0-B7E0-6AEC43D96F5F}C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F04A1104-A9D8-4A15-AC83-71437AF0C6FE}] => (Allow) D:\Programme (x99)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{FE2D25A9-3198-45D6-BD4F-A3187F0B6169}] => (Allow) D:\Programme (x99)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{7F4CBEBF-50E0-4C8C-9EE1-DDC732078960}D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A2647E2B-6B61-483A-AF85-5668E2566EA9}D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{67AE8219-F604-4288-BACD-B886A0F7CC97}] => (Block) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{EB9F8F57-757D-47B1-97A0-4500666D6B41}] => (Block) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{ADBB86A0-E624-42B2-BF48-63761600749B}C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{18AF0267-752B-4325-B199-379F0A89B14C}C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DAA82B47-A383-4D64-85F3-7D72F5C1BC48}] => (Allow) D:\Programme (x99)\iTunes\iTunes.exe
FirewallRules: [{B00ADD8D-C429-486C-BC4E-17F06C6E2690}] => (Allow) D:\Programme (x99)\newz\L.A.B. Productions\TheNewZ\TheNewZ.exe
FirewallRules: [TCP Query User{EADD61E9-D156-4C44-9FFA-5D801C912EE2}C:\users\alexander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alexander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{03F3BC79-9773-4D71-B67F-8523BAA2F056}C:\users\alexander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alexander\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A8545984-A98F-4CB7-9025-819618DC335C}] => (Allow) D:\Programme (x99)\newz\L.A.B. Productions\TheNewZ\TheNewZ.exe
FirewallRules: [{EA30AD30-7B13-4693-A923-71C06843420B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E1DA42E-70E2-4862-A92B-407BA479469B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{14D931C9-3E8E-4191-B84D-AC7F5E8CD368}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E65A2B55-E380-4152-952E-0564A352A4BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E517E16E-FD1B-4BE9-AD3C-ACD7E2C655B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCAB44B4-23F1-40AF-A154-F31FEC8B6088}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD00C7DF-63DD-454F-BEDC-16AFD52D3E94}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36479A8B-55EC-4667-819A-7693965FFB5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{044A0532-CC1F-405D-B290-1059EEFD3464}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F24D53AF-897F-4F25-AE51-C0167073360A}C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe] => (Block) C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe
FirewallRules: [UDP Query User{3A7B4903-725D-4F4E-B6E1-9C956481190F}C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe] => (Block) C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe
FirewallRules: [{CBEE6F43-7CAD-4F06-8D4A-D997118F0089}] => (Allow) D:\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{F04F4535-0074-4299-9113-82B8BCC0357D}] => (Allow) D:\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{8A5D3F26-00B1-4148-A947-D0552279D35A}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{5CA592DA-95E2-4F37-A4DB-4C488C25A438}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{F4171C87-59AD-44C1-851A-45BCB2DBA29F}] => (Block) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{CD53CE50-438A-49DA-815A-8E85EE927043}] => (Block) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============

Name: WPS
Description: WPS
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WPS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/20/2016 02:03:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 53.0.2785.143, Zeitstempel: 0x57e73b52
Name des fehlerhaften Moduls: chrome.exe, Version: 53.0.2785.143, Zeitstempel: 0x57e73b52
Ausnahmecode: 0x40000015
Fehleroffset: 0x00066e6e
ID des fehlerhaften Prozesses: 0x1dc
Startzeit der fehlerhaften Anwendung: 0x01d22ac587fb4f0b
Pfad der fehlerhaften Anwendung: C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
Pfad des fehlerhaften Moduls: C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
Berichtskennung: 43fa1d56-96bd-11e6-9375-3860775e8b90

Error: (10/20/2016 01:30:05 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {2e9cd09e-48da-42c0-8d27-650d637f6e43}

Error: (10/20/2016 01:19:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/20/2016 01:18:48 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/20/2016 01:18:48 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/20/2016 01:18:48 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/20/2016 11:34:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/20/2016 11:33:26 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/20/2016 11:33:26 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/20/2016 11:33:26 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1


Systemfehler:
=============
Error: (10/20/2016 01:19:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
WPS

Error: (10/20/2016 01:19:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/20/2016 01:19:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (10/20/2016 01:18:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Online Backup" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (10/20/2016 01:18:42 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{d469cb42-e5d6-11e0-bb24-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (10/20/2016 01:18:42 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{d469cb41-e5d6-11e0-bb24-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (10/20/2016 11:34:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
WPS

Error: (10/20/2016 11:33:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/20/2016 11:33:53 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (10/20/2016 11:33:23 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Online Backup" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2015-05-22 23:21:07.651
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Programme (x99)\ESEA\ESEA_Client\eseaclient.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 23:20:46.264
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Programme (x99)\ESEA\ESEA_Client\eseaclient.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:18:47.591
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.865
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\ALEXAN~1\AppData\Local\Temp\CR_6B733.tmp\setup.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.507
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Chrome\Application\42.0.2311.152\Installer\setup.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.316
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Update\Install\{2560CEC2-DAFF-4515-95B0-6D4F5E9C5A64}\43.0.2357.65_42.0.2311.152_chrome_updater.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:41:32.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:25:39.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:12:09.661
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:12:09.486
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Roaming\Spotify\SpotifyCrashService.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8174.47 MB
Verfügbarer physikalischer RAM: 5908.37 MB
Summe virtueller Speicher: 9196.66 MB
Verfügbarer virtueller Speicher: 6105.13 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:99.14 GB) (Free:5.58 GB) NTFS
Drive d: (Data) (Fixed) (Total:916.51 GB) (Free:720.4 GB) NTFS
Drive h: (ASUS_VG248) (CDROM) (Total:0.36 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4A648C57)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=25 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=99.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 556CE3D0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Not Active) - (Size=916.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

crtys · 20.10.2016, 15:36

Code:

ATTFilter

16:34:39.0672 0x1f48  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
16:34:44.0812 0x1f48  ============================================================
16:34:44.0812 0x1f48  Current date / time: 2016/10/20 16:34:44.0812
16:34:44.0812 0x1f48  SystemInfo:
16:34:44.0812 0x1f48  
16:34:44.0812 0x1f48  OS Version: 6.1.7601 ServicePack: 1.0
16:34:44.0812 0x1f48  Product type: Workstation
16:34:44.0812 0x1f48  ComputerName: ALEXANDER-PC
16:34:44.0812 0x1f48  UserName: Alexander
16:34:44.0812 0x1f48  Windows directory: C:\Windows
16:34:44.0812 0x1f48  System windows directory: C:\Windows
16:34:44.0812 0x1f48  Running under WOW64
16:34:44.0812 0x1f48  Processor architecture: Intel x64
16:34:44.0812 0x1f48  Number of processors: 4
16:34:44.0812 0x1f48  Page size: 0x1000
16:34:44.0812 0x1f48  Boot type: Normal boot
16:34:44.0812 0x1f48  CodeIntegrityOptions = 0x00000001
16:34:44.0812 0x1f48  ============================================================
16:34:45.0443 0x1f48  KLMD registered as C:\Windows\system32\drivers\69245058.sys
16:34:45.0443 0x1f48  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
16:34:45.0866 0x1f48  System UUID: {0C50784A-6CFC-AF6E-6218-E80CA91D9C30}
16:34:46.0842 0x1f48  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:34:46.0843 0x1f48  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:34:46.0876 0x1f48  ============================================================
16:34:46.0876 0x1f48  \Device\Harddisk0\DR0:
16:34:46.0877 0x1f48  MBR partitions:
16:34:46.0877 0x1f48  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x193D800, BlocksNum 0xC800
16:34:46.0877 0x1f48  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x194A000, BlocksNum 0xC649800
16:34:46.0877 0x1f48  \Device\Harddisk1\DR1:
16:34:46.0877 0x1f48  MBR partitions:
16:34:46.0877 0x1f48  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x72905000
16:34:46.0877 0x1f48  ============================================================
16:34:46.0878 0x1f48  C: <-> \Device\Harddisk0\DR0\Partition2
16:34:46.0921 0x1f48  D: <-> \Device\Harddisk1\DR1\Partition1
16:34:46.0921 0x1f48  ============================================================
16:34:46.0922 0x1f48  Initialize success
16:34:46.0922 0x1f48  ============================================================
16:34:52.0934 0x19d8  ============================================================
16:34:52.0934 0x19d8  Scan started
16:34:52.0934 0x19d8  Mode: Manual; 
16:34:52.0934 0x19d8  ============================================================
16:34:52.0934 0x19d8  KSN ping started
16:35:06.0462 0x19d8  KSN ping finished: true
16:35:06.0772 0x19d8  ================ Scan system memory ========================
16:35:06.0772 0x19d8  System memory - ok
16:35:06.0772 0x19d8  ================ Scan services =============================
16:35:06.0803 0x19d8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:35:06.0807 0x19d8  1394ohci - ok
16:35:06.0824 0x19d8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:35:06.0829 0x19d8  ACPI - ok
16:35:06.0832 0x19d8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:35:06.0833 0x19d8  AcpiPmi - ok
16:35:06.0857 0x19d8  [ 1E30AB3A4D3EB916FF6C1B71B9F2331A, 4D1D703CD16FAE5096A8897DDC69C925FA3BFF1F45E1EA55898BF251AF0D3E9A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:35:06.0861 0x19d8  AdobeFlashPlayerUpdateSvc - ok
16:35:06.0875 0x19d8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:35:06.0883 0x19d8  adp94xx - ok
16:35:06.0893 0x19d8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:35:06.0899 0x19d8  adpahci - ok
16:35:06.0905 0x19d8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:35:06.0908 0x19d8  adpu320 - ok
16:35:06.0913 0x19d8  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:35:06.0915 0x19d8  AeLookupSvc - ok
16:35:06.0928 0x19d8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
16:35:06.0935 0x19d8  AFD - ok
16:35:06.0939 0x19d8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:35:06.0941 0x19d8  agp440 - ok
16:35:06.0945 0x19d8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:35:06.0946 0x19d8  ALG - ok
16:35:06.0949 0x19d8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:35:06.0949 0x19d8  aliide - ok
16:35:06.0952 0x19d8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:35:06.0953 0x19d8  amdide - ok
16:35:06.0956 0x19d8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:35:06.0958 0x19d8  AmdK8 - ok
16:35:06.0961 0x19d8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:35:06.0962 0x19d8  AmdPPM - ok
16:35:06.0967 0x19d8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:35:06.0969 0x19d8  amdsata - ok
16:35:06.0975 0x19d8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:35:06.0978 0x19d8  amdsbs - ok
16:35:06.0981 0x19d8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:35:06.0982 0x19d8  amdxata - ok
16:35:07.0014 0x19d8  [ 1B534F5AE93CA21DBA5FF502F5353B66, DCA07FD29FEF0FD3025DD12E3B047B99D4FAD387E37A84C3859D12C1ECD1080B ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
16:35:07.0030 0x19d8  AntiVirMailService - ok
16:35:07.0045 0x19d8  [ 0511A349A99745B0811B94A008C639BE, E0FA78704957562C66C83E730882560F71C92E297B67DB6A9D2954DA23154826 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:35:07.0052 0x19d8  AntiVirSchedulerService - ok
16:35:07.0066 0x19d8  [ 0511A349A99745B0811B94A008C639BE, E0FA78704957562C66C83E730882560F71C92E297B67DB6A9D2954DA23154826 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:35:07.0073 0x19d8  AntiVirService - ok
16:35:07.0075 0x19d8  AntiVirWebService - ok
16:35:07.0080 0x19d8  [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID           C:\Windows\system32\drivers\appid.sys
16:35:07.0081 0x19d8  AppID - ok
16:35:07.0084 0x19d8  [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:35:07.0085 0x19d8  AppIDSvc - ok
16:35:07.0089 0x19d8  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
16:35:07.0090 0x19d8  Appinfo - ok
16:35:07.0096 0x19d8  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:35:07.0098 0x19d8  Apple Mobile Device Service - ok
16:35:07.0102 0x19d8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:35:07.0104 0x19d8  arc - ok
16:35:07.0108 0x19d8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:35:07.0110 0x19d8  arcsas - ok
16:35:07.0121 0x19d8  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:35:07.0122 0x19d8  aspnet_state - ok
16:35:07.0125 0x19d8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:35:07.0126 0x19d8  AsyncMac - ok
16:35:07.0129 0x19d8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:35:07.0130 0x19d8  atapi - ok
16:35:07.0148 0x19d8  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:35:07.0159 0x19d8  AudioEndpointBuilder - ok
16:35:07.0176 0x19d8  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:35:07.0186 0x19d8  AudioSrv - ok
16:35:07.0194 0x19d8  [ C7255291C3FDA7EC6FB4F928C442E0D4, DFA0CDB1E6DC981A4A7C81098B0A26571C6BFE3A4E186BD592E285C3927E2823 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:35:07.0197 0x19d8  avgntflt - ok
16:35:07.0203 0x19d8  [ E745629CBC104D2B446CFB859084BEB5, 3FC86742A44D9867F7CE7FD28DB4591B745495AF6A96E057A5F62ACD87E9E5B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:35:07.0206 0x19d8  avipbb - ok
16:35:07.0217 0x19d8  [ A177265C1777ABE56B22D921F91DDC38, D4E9C5BFC65063EDA015723058805B03C51F5B7456B404A4548CEC8DF6A3F7B7 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:35:07.0222 0x19d8  Avira.ServiceHost - ok
16:35:07.0226 0x19d8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:35:07.0227 0x19d8  avkmgr - ok
16:35:07.0232 0x19d8  [ F161CF8F628130B464E6A908723D488C, 95D40B679C132989B6031CC566235033400DA88006CF258F1CEFFB0D105E3B5B ] AVMPowerlineService C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
16:35:07.0235 0x19d8  AVMPowerlineService - ok
16:35:07.0240 0x19d8  [ 138A53D17B040F5A3A307D44A89D0905, AD212E430F2DE43F037BECF6A46FCD53270A5EE11427030C7D5CBC3EAAAAA029 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
16:35:07.0241 0x19d8  avnetflt - ok
16:35:07.0246 0x19d8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:35:07.0248 0x19d8  AxInstSV - ok
16:35:07.0261 0x19d8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:35:07.0268 0x19d8  b06bdrv - ok
16:35:07.0277 0x19d8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:35:07.0281 0x19d8  b57nd60a - ok
16:35:07.0289 0x19d8  [ 93EE7D9C35AE7E9FFDA148D7805F1421, 9D88D5CC08F887B35A893FEC80D8CC4A9E4EAAF533E27D0F1B9CC36C171C92DA ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
16:35:07.0292 0x19d8  BBSvc - ok
16:35:07.0297 0x19d8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:35:07.0299 0x19d8  BDESVC - ok
16:35:07.0301 0x19d8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:35:07.0302 0x19d8  Beep - ok
16:35:07.0334 0x19d8  [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
16:35:07.0354 0x19d8  BEService - ok
16:35:07.0374 0x19d8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:35:07.0384 0x19d8  BFE - ok
16:35:07.0405 0x19d8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:35:07.0419 0x19d8  BITS - ok
16:35:07.0423 0x19d8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:35:07.0424 0x19d8  blbdrive - ok
16:35:07.0436 0x19d8  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:35:07.0443 0x19d8  Bonjour Service - ok
16:35:07.0448 0x19d8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:35:07.0450 0x19d8  bowser - ok
16:35:07.0452 0x19d8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:35:07.0453 0x19d8  BrFiltLo - ok
16:35:07.0456 0x19d8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:35:07.0456 0x19d8  BrFiltUp - ok
16:35:07.0461 0x19d8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:35:07.0464 0x19d8  Browser - ok
16:35:07.0472 0x19d8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:35:07.0477 0x19d8  Brserid - ok
16:35:07.0480 0x19d8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:35:07.0481 0x19d8  BrSerWdm - ok
16:35:07.0484 0x19d8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:35:07.0484 0x19d8  BrUsbMdm - ok
16:35:07.0487 0x19d8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:35:07.0487 0x19d8  BrUsbSer - ok
16:35:07.0491 0x19d8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:35:07.0492 0x19d8  BTHMODEM - ok
16:35:07.0497 0x19d8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:35:07.0499 0x19d8  bthserv - ok
16:35:07.0504 0x19d8  [ 55913573C41CF091F93A1AC07965EA7E, D7C1DEC9A77EA5E2D14A85BFB0F8E9392BE33EF5E71B7A240F63D66FFE3A31D1 ] busenum         C:\Windows\system32\DRIVERS\SteelBus64.sys
16:35:07.0506 0x19d8  busenum - ok
16:35:07.0511 0x19d8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:35:07.0513 0x19d8  cdfs - ok
16:35:07.0518 0x19d8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:35:07.0520 0x19d8  cdrom - ok
16:35:07.0566 0x19d8  [ 010D2D0B6C3C869D8CDE126743A098E2, C4B78415CE5D1D515453C5D29381898AE4399C320D1E4B8FEE71B442ED67C3DC ] celavimushost   D:\CSGO Client Beta\CelavimusClientHelper.exe
16:35:07.0570 0x19d8  celavimushost - ok
16:35:07.0578 0x19d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:35:07.0581 0x19d8  CertPropSvc - ok
16:35:07.0654 0x19d8  [ 213B6EC3DE19E35373A1906397588429, C72B74D4840946DC6952B9F6C4A568DA702DD2D6E211AA5BB7F82EF481F449C6 ] CGVPNCliSrvc    C:\Program Files\CyberGhost VPN\CGVPNCliService.exe
16:35:07.0691 0x19d8  CGVPNCliSrvc - ok
16:35:07.0697 0x19d8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:35:07.0698 0x19d8  circlass - ok
16:35:07.0708 0x19d8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:35:07.0714 0x19d8  CLFS - ok
16:35:07.0721 0x19d8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:35:07.0722 0x19d8  clr_optimization_v2.0.50727_32 - ok
16:35:07.0729 0x19d8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:35:07.0731 0x19d8  clr_optimization_v2.0.50727_64 - ok
16:35:07.0740 0x19d8  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:35:07.0742 0x19d8  clr_optimization_v4.0.30319_32 - ok
16:35:07.0748 0x19d8  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:35:07.0750 0x19d8  clr_optimization_v4.0.30319_64 - ok
16:35:07.0753 0x19d8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:35:07.0754 0x19d8  CmBatt - ok
16:35:07.0757 0x19d8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:35:07.0758 0x19d8  cmdide - ok
16:35:07.0772 0x19d8  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
16:35:07.0779 0x19d8  CNG - ok
16:35:07.0782 0x19d8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:35:07.0783 0x19d8  Compbatt - ok
16:35:07.0786 0x19d8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:35:07.0787 0x19d8  CompositeBus - ok
16:35:07.0788 0x19d8  COMSysApp - ok
16:35:07.0793 0x19d8  [ C08063F052308B6F5882482615387F30, 523D1D43E896077F32CD9ACAA8E85B513BFB7B013A625E56F0D4E9675D9822BA ] cpuz135         C:\Windows\system32\drivers\cpuz135_x64.sys
16:35:07.0793 0x19d8  cpuz135 - ok
16:35:07.0796 0x19d8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:35:07.0797 0x19d8  crcdisk - ok
16:35:07.0804 0x19d8  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:35:07.0807 0x19d8  CryptSvc - ok
16:35:07.0822 0x19d8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:35:07.0830 0x19d8  DcomLaunch - ok
16:35:07.0840 0x19d8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:35:07.0845 0x19d8  defragsvc - ok
16:35:07.0849 0x19d8  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:35:07.0851 0x19d8  DfsC - ok
16:35:07.0861 0x19d8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:35:07.0866 0x19d8  Dhcp - ok
16:35:07.0899 0x19d8  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:35:07.0919 0x19d8  DiagTrack - ok
16:35:07.0924 0x19d8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:35:07.0925 0x19d8  discache - ok
16:35:07.0929 0x19d8  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
16:35:07.0930 0x19d8  Disk - ok
16:35:07.0937 0x19d8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:35:07.0940 0x19d8  Dnscache - ok
16:35:07.0947 0x19d8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:35:07.0952 0x19d8  dot3svc - ok
16:35:07.0958 0x19d8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:35:07.0961 0x19d8  DPS - ok
16:35:07.0963 0x19d8  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:35:07.0964 0x19d8  drmkaud - ok
16:35:07.0986 0x19d8  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:35:08.0001 0x19d8  DXGKrnl - ok
16:35:08.0005 0x19d8  EagleX64 - ok
16:35:08.0010 0x19d8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:35:08.0012 0x19d8  EapHost - ok
16:35:08.0079 0x19d8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:35:08.0127 0x19d8  ebdrv - ok
16:35:08.0133 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS             C:\Windows\System32\lsass.exe
16:35:08.0134 0x19d8  EFS - ok
16:35:08.0140 0x19d8  [ 03E6888DA1A85ACF14AC2A3C328A9E62, 120A7A10F6DAC991B91BFEC5430FD9F929E173AB513891B229F19A9BA4EC3998 ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
16:35:08.0143 0x19d8  EgisTec Ticket Service - ok
16:35:08.0162 0x19d8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:35:08.0172 0x19d8  ehRecvr - ok
16:35:08.0177 0x19d8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:35:08.0179 0x19d8  ehSched - ok
16:35:08.0194 0x19d8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:35:08.0202 0x19d8  elxstor - ok
16:35:08.0205 0x19d8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:35:08.0205 0x19d8  ErrDev - ok
16:35:08.0279 0x19d8  [ 6463644F80F3F4807404C371264AD284, 0477A0374E48EBCAFC7D2962C3DA51A1499E1508556EB77B863B3B53C8D4B5FC ] ESEADriver2     C:\Users\ALEXAN~1\AppData\Local\Temp\ESEADriver2.sys
16:35:08.0287 0x19d8  ESEADriver2 - ok
16:35:08.0311 0x19d8  [ C33ACB897AF927D1C1BD84F211FAE75B, D598E1A2372DBA644C411770CFB168AE010F5D8660B2EF2D2E015AD08FB463E4 ] ESLvnic1        C:\Windows\system32\DRIVERS\ESLvnic.sys
16:35:08.0312 0x19d8  ESLvnic1 - ok
16:35:08.0328 0x19d8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:35:08.0337 0x19d8  EventSystem - ok
16:35:08.0346 0x19d8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:35:08.0350 0x19d8  exfat - ok
16:35:08.0358 0x19d8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:35:08.0361 0x19d8  fastfat - ok
16:35:08.0379 0x19d8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:35:08.0390 0x19d8  Fax - ok
16:35:08.0393 0x19d8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:35:08.0394 0x19d8  fdc - ok
16:35:08.0397 0x19d8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:35:08.0398 0x19d8  fdPHost - ok
16:35:08.0401 0x19d8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:35:08.0402 0x19d8  FDResPub - ok
16:35:08.0406 0x19d8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:35:08.0407 0x19d8  FileInfo - ok
16:35:08.0410 0x19d8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:35:08.0411 0x19d8  Filetrace - ok
16:35:08.0414 0x19d8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:35:08.0415 0x19d8  flpydisk - ok
16:35:08.0424 0x19d8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:35:08.0428 0x19d8  FltMgr - ok
16:35:08.0456 0x19d8  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
16:35:08.0474 0x19d8  FontCache - ok
16:35:08.0480 0x19d8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:35:08.0481 0x19d8  FontCache3.0.0.0 - ok
16:35:08.0484 0x19d8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:35:08.0486 0x19d8  FsDepends - ok
16:35:08.0489 0x19d8  [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC, 7022722FA38E81F6F4D0EF9F0FBEDD27C09A238B5246A3C36AEAAC11FF76FE07 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:35:08.0491 0x19d8  fssfltr - ok
16:35:08.0526 0x19d8  [ 40CDFAD174B3D5E80F95DDA003C0B97F, 2DA149CE42B87681ECDCC8905D0957443F430A9C7002FF78F22A95F9112A7C4C ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:35:08.0549 0x19d8  fsssvc - ok
16:35:08.0553 0x19d8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:35:08.0554 0x19d8  Fs_Rec - ok
16:35:08.0561 0x19d8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:35:08.0565 0x19d8  fvevol - ok
16:35:08.0569 0x19d8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:35:08.0570 0x19d8  gagp30kx - ok
16:35:08.0575 0x19d8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:35:08.0576 0x19d8  GEARAspiWDM - ok
16:35:08.0603 0x19d8  [ 024299B2B0E1C11320A4592570D8DE20, 16FB3982E718F2834D1272D400F92AD6319A0C197227C5D61AF87B3C8D2D4759 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:35:08.0620 0x19d8  GfExperienceService - ok
16:35:08.0641 0x19d8  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
16:35:08.0654 0x19d8  gpsvc - ok
16:35:08.0658 0x19d8  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
16:35:08.0658 0x19d8  GREGService - ok
16:35:08.0665 0x19d8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:35:08.0667 0x19d8  gupdate - ok
16:35:08.0673 0x19d8  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:35:08.0675 0x19d8  gupdatem - ok
16:35:08.0678 0x19d8  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
16:35:08.0679 0x19d8  hamachi - ok
16:35:08.0823 0x19d8  [ 9EAFEA01861BDC6AB233381C28369D37, 810CA7D968A2825F2B162F8EFDA7ACE2574592247D8E084B1454E5195E726BA1 ] Hamachi2Svc     D:\Programme (x99)\x64\hamachi-2.exe
16:35:08.0861 0x19d8  Hamachi2Svc - ok
16:35:08.0867 0x19d8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:35:08.0868 0x19d8  hcw85cir - ok
16:35:08.0878 0x19d8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:35:08.0883 0x19d8  HdAudAddService - ok
16:35:08.0888 0x19d8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:35:08.0890 0x19d8  HDAudBus - ok
16:35:08.0893 0x19d8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:35:08.0894 0x19d8  HidBatt - ok
16:35:08.0899 0x19d8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:35:08.0900 0x19d8  HidBth - ok
16:35:08.0904 0x19d8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:35:08.0905 0x19d8  HidIr - ok
16:35:08.0908 0x19d8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:35:08.0910 0x19d8  hidserv - ok
16:35:08.0913 0x19d8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:35:08.0914 0x19d8  HidUsb - ok
16:35:08.0919 0x19d8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:35:08.0921 0x19d8  hkmsvc - ok
16:35:08.0929 0x19d8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:35:08.0933 0x19d8  HomeGroupListener - ok
16:35:08.0940 0x19d8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:35:08.0944 0x19d8  HomeGroupProvider - ok
16:35:08.0948 0x19d8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:35:08.0949 0x19d8  HpSAMD - ok
16:35:08.0969 0x19d8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:35:08.0980 0x19d8  HTTP - ok
16:35:08.0984 0x19d8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:35:08.0985 0x19d8  hwpolicy - ok
16:35:08.0989 0x19d8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:35:08.0991 0x19d8  i8042prt - ok
16:35:09.0003 0x19d8  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:35:09.0009 0x19d8  iaStor - ok
16:35:09.0014 0x19d8  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:35:09.0014 0x19d8  IAStorDataMgrSvc - ok
16:35:09.0026 0x19d8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:35:09.0032 0x19d8  iaStorV - ok
16:35:09.0054 0x19d8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:35:09.0067 0x19d8  idsvc - ok
16:35:09.0071 0x19d8  IEEtwCollectorService - ok
16:35:09.0074 0x19d8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:35:09.0075 0x19d8  iirsp - ok
16:35:09.0096 0x19d8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:35:09.0109 0x19d8  IKEEXT - ok
16:35:09.0165 0x19d8  [ 82D0C8C47F6A52B695F405661D1DF50E, 338894EC24CB4D04926DDB2A7E4281D8F0FDBC5E491ACB38132899CA8AA1A608 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:35:09.0203 0x19d8  IntcAzAudAddService - ok
16:35:09.0209 0x19d8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:35:09.0210 0x19d8  intelide - ok
16:35:09.0213 0x19d8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:35:09.0214 0x19d8  intelppm - ok
16:35:09.0242 0x19d8  [ BF5CFDE957047189A16C07903E452934, 861EDFB911438B26F3F562A3BC9B3CFAA5C3EAFA2D5DE00D7FA4E0649C3AF028 ] IntSch2Svc      C:\Program Files (x86)\Common Files\Intel\Schedule2\schedul2.exe
16:35:09.0259 0x19d8  IntSch2Svc - ok
16:35:09.0265 0x19d8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:35:09.0267 0x19d8  IPBusEnum - ok
16:35:09.0271 0x19d8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:35:09.0273 0x19d8  IpFilterDriver - ok
16:35:09.0288 0x19d8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:35:09.0297 0x19d8  iphlpsvc - ok
16:35:09.0301 0x19d8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:35:09.0303 0x19d8  IPMIDRV - ok
16:35:09.0307 0x19d8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:35:09.0309 0x19d8  IPNAT - ok
16:35:09.0328 0x19d8  [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:35:09.0337 0x19d8  iPod Service - ok
16:35:09.0341 0x19d8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:35:09.0342 0x19d8  IRENUM - ok
16:35:09.0344 0x19d8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:35:09.0345 0x19d8  isapnp - ok
16:35:09.0353 0x19d8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:35:09.0358 0x19d8  iScsiPrt - ok
16:35:09.0361 0x19d8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:35:09.0362 0x19d8  kbdclass - ok
16:35:09.0365 0x19d8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:35:09.0366 0x19d8  kbdhid - ok
16:35:09.0369 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso          C:\Windows\system32\lsass.exe
16:35:09.0370 0x19d8  KeyIso - ok
16:35:09.0375 0x19d8  [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:35:09.0377 0x19d8  KSecDD - ok
16:35:09.0382 0x19d8  [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:35:09.0385 0x19d8  KSecPkg - ok
16:35:09.0388 0x19d8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:35:09.0388 0x19d8  ksthunk - ok
16:35:09.0399 0x19d8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:35:09.0405 0x19d8  KtmRm - ok
16:35:09.0409 0x19d8  [ 86DCBF8A41C78561A1DA07AB5E7B1CCC, 5AF276893B8752B5F8DE58491D54A338EE449091F06113EA07580F4461CAEA4E ] LADF_DHP2       C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
16:35:09.0410 0x19d8  LADF_DHP2 - ok
16:35:09.0421 0x19d8  [ 175C04C7813CE64616B5CB046E5E1383, 20D7BA76FCFDAD785DBFCEAB7069CEF74E142C4F6FE797C38B5BF759173CE32B ] LADF_SBVM       C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
16:35:09.0427 0x19d8  LADF_SBVM - ok
16:35:09.0434 0x19d8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:35:09.0439 0x19d8  LanmanServer - ok
16:35:09.0444 0x19d8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:35:09.0447 0x19d8  LanmanWorkstation - ok
16:35:09.0455 0x19d8  [ 6BCEE9C766815BFFF89DE7D81AF34CE1, E10B9EFAF5D1E6596CFC7E3C9D5C3904EC8E82B16133B59BBC636F5E4D0AEB7F ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:35:09.0459 0x19d8  Live Updater Service - ok
16:35:09.0463 0x19d8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:35:09.0464 0x19d8  lltdio - ok
16:35:09.0473 0x19d8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:35:09.0478 0x19d8  lltdsvc - ok
16:35:09.0481 0x19d8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:35:09.0482 0x19d8  lmhosts - ok
16:35:09.0492 0x19d8  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:35:09.0497 0x19d8  LMS - ok
16:35:09.0502 0x19d8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:35:09.0504 0x19d8  LSI_FC - ok
16:35:09.0509 0x19d8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:35:09.0511 0x19d8  LSI_SAS - ok
16:35:09.0514 0x19d8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:35:09.0516 0x19d8  LSI_SAS2 - ok
16:35:09.0520 0x19d8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:35:09.0522 0x19d8  LSI_SCSI - ok
16:35:09.0527 0x19d8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:35:09.0529 0x19d8  luafv - ok
16:35:09.0533 0x19d8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:35:09.0535 0x19d8  Mcx2Svc - ok
16:35:09.0538 0x19d8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:35:09.0539 0x19d8  megasas - ok
16:35:09.0548 0x19d8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:35:09.0552 0x19d8  MegaSR - ok
16:35:09.0556 0x19d8  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:35:09.0557 0x19d8  MEIx64 - ok
16:35:09.0561 0x19d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:35:09.0563 0x19d8  MMCSS - ok
16:35:09.0566 0x19d8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:35:09.0567 0x19d8  Modem - ok
16:35:09.0570 0x19d8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:35:09.0570 0x19d8  monitor - ok
16:35:09.0574 0x19d8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:35:09.0575 0x19d8  mouclass - ok
16:35:09.0578 0x19d8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:35:09.0579 0x19d8  mouhid - ok
16:35:09.0583 0x19d8  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:35:09.0585 0x19d8  mountmgr - ok
16:35:09.0591 0x19d8  [ 46297FA8E30A6007F14118FC2B942FBC, 40785B7121DBFA411EA922ECF6008BA4A94BC742662E271BFD6B31288ECC1BA4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:35:09.0593 0x19d8  MozillaMaintenance - ok
16:35:09.0599 0x19d8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:35:09.0601 0x19d8  mpio - ok
16:35:09.0605 0x19d8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:35:09.0607 0x19d8  mpsdrv - ok
16:35:09.0626 0x19d8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:35:09.0639 0x19d8  MpsSvc - ok
16:35:09.0645 0x19d8  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:35:09.0648 0x19d8  MRxDAV - ok
16:35:09.0654 0x19d8  [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:35:09.0656 0x19d8  mrxsmb - ok
16:35:09.0665 0x19d8  [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:35:09.0670 0x19d8  mrxsmb10 - ok
16:35:09.0675 0x19d8  [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:35:09.0677 0x19d8  mrxsmb20 - ok
16:35:09.0681 0x19d8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:35:09.0681 0x19d8  msahci - ok
16:35:09.0687 0x19d8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:35:09.0689 0x19d8  msdsm - ok
16:35:09.0695 0x19d8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:35:09.0698 0x19d8  MSDTC - ok
16:35:09.0703 0x19d8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:35:09.0704 0x19d8  Msfs - ok
16:35:09.0706 0x19d8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:35:09.0707 0x19d8  mshidkmdf - ok
16:35:09.0709 0x19d8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:35:09.0710 0x19d8  msisadrv - ok
16:35:09.0716 0x19d8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:35:09.0719 0x19d8  MSiSCSI - ok
16:35:09.0721 0x19d8  msiserver - ok
16:35:09.0724 0x19d8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:35:09.0724 0x19d8  MSKSSRV - ok
16:35:09.0727 0x19d8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:35:09.0727 0x19d8  MSPCLOCK - ok
16:35:09.0730 0x19d8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:35:09.0730 0x19d8  MSPQM - ok
16:35:09.0740 0x19d8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:35:09.0746 0x19d8  MsRPC - ok
16:35:09.0750 0x19d8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:35:09.0751 0x19d8  mssmbios - ok
16:35:09.0754 0x19d8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:35:09.0754 0x19d8  MSTEE - ok
16:35:09.0757 0x19d8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:35:09.0757 0x19d8  MTConfig - ok
16:35:09.0761 0x19d8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:35:09.0762 0x19d8  Mup - ok
16:35:09.0765 0x19d8  [ 9B1EAC6FAF6F37305E822F5588DC8056, AE0DC044159BB03EE8A39AE0682C8F6A78D89AD5A6192E7006D75850ECD50E9D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
16:35:09.0765 0x19d8  mwlPSDFilter - ok
16:35:09.0768 0x19d8  [ AD55C1524B296280ED9C6E0D730D35DA, 8E5F9652CFCB325E131CEB2E4871126EB6F940DF7894B2E7F8241F1EF69920ED ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
16:35:09.0769 0x19d8  mwlPSDNServ - ok
16:35:09.0773 0x19d8  [ 2B599E6EC8843637BDD62E7F8F3BA201, 51EE657FC6CA4F2BCC24573B27379231EF30920A559423A860A278C59F4B9F98 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
16:35:09.0774 0x19d8  mwlPSDVDisk - ok
16:35:09.0788 0x19d8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:35:09.0796 0x19d8  napagent - ok
16:35:09.0806 0x19d8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:35:09.0811 0x19d8  NativeWifiP - ok
16:35:09.0826 0x19d8  [ 9D1CCE440552500DED3A62F9D779CDB4, C6B3B1C891A8BA3F91CC1EC21919C4F80F4C9CAF88971AB6CA11F09820601EBD ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
16:35:09.0833 0x19d8  NAUpdate - ok
16:35:09.0857 0x19d8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:35:09.0871 0x19d8  NDIS - ok
16:35:09.0875 0x19d8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:35:09.0876 0x19d8  NdisCap - ok
16:35:09.0879 0x19d8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:35:09.0880 0x19d8  NdisTapi - ok
16:35:09.0883 0x19d8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:35:09.0884 0x19d8  Ndisuio - ok
16:35:09.0890 0x19d8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:35:09.0893 0x19d8  NdisWan - ok
16:35:09.0896 0x19d8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:35:09.0898 0x19d8  NDProxy - ok
16:35:09.0902 0x19d8  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
16:35:09.0902 0x19d8  Netaapl - ok
16:35:09.0906 0x19d8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:35:09.0907 0x19d8  NetBIOS - ok
16:35:09.0914 0x19d8  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:35:09.0919 0x19d8  NetBT - ok
16:35:09.0922 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon        C:\Windows\system32\lsass.exe
16:35:09.0923 0x19d8  Netlogon - ok
16:35:09.0933 0x19d8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:35:09.0939 0x19d8  Netman - ok
16:35:09.0949 0x19d8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:09.0951 0x19d8  NetMsmqActivator - ok
16:35:09.0957 0x19d8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:09.0959 0x19d8  NetPipeActivator - ok
16:35:09.0972 0x19d8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:35:09.0980 0x19d8  netprofm - ok
16:35:09.0985 0x19d8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:09.0987 0x19d8  NetTcpActivator - ok
16:35:09.0992 0x19d8  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:35:09.0994 0x19d8  NetTcpPortSharing - ok
16:35:09.0998 0x19d8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:35:09.0999 0x19d8  nfrd960 - ok
16:35:10.0008 0x19d8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:35:10.0014 0x19d8  NlaSvc - ok
16:35:10.0016 0x19d8  NOBU - ok
16:35:10.0020 0x19d8  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\Windows\system32\drivers\npf.sys
16:35:10.0021 0x19d8  npf - ok
16:35:10.0024 0x19d8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:35:10.0025 0x19d8  Npfs - ok
16:35:10.0028 0x19d8  npggsvc - ok
16:35:10.0031 0x19d8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:35:10.0033 0x19d8  nsi - ok
16:35:10.0035 0x19d8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:35:10.0036 0x19d8  nsiproxy - ok
16:35:10.0073 0x19d8  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:35:10.0106 0x19d8  Ntfs - ok
16:35:10.0109 0x19d8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:35:10.0110 0x19d8  Null - ok
16:35:10.0117 0x19d8  [ 554964B900AE2954B8B589B6287034AC, C6C9EA3ADAFEBBF2AF944E4A0656BD795AD37706008CC0CA3F2150BD709476E7 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:35:10.0120 0x19d8  NVHDA - ok
16:35:10.0379 0x19d8  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:35:10.0564 0x19d8  nvlddmkm - ok
16:35:10.0612 0x19d8  [ D6A687B5E24257B5D3991C0D9BC45BBC, EFF23FD2C074A579CAF13C4846D1F0906D014F92517A4C6A359547F560CD296C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:35:10.0638 0x19d8  NvNetworkService - ok
16:35:10.0646 0x19d8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:35:10.0648 0x19d8  nvraid - ok
16:35:10.0654 0x19d8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:35:10.0657 0x19d8  nvstor - ok
16:35:10.0660 0x19d8  [ D6E22C63F1F2B2B5B5E95F70BEBDB2BC, 5BE351CB15218EBC7F0C9B5919A8949BD61FEC6182123B589DF50B44C8A3CA9E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:35:10.0661 0x19d8  NvStreamKms - ok
16:35:11.0061 0x19d8  [ C982FE172EA1C7B840C4243C5AB3F8BE, 7CC5BC1F9817E8E0910775FB1EC943345900829D4702538CA7A6138FDF0FAA7F ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:35:11.0350 0x19d8  NvStreamSvc - ok
16:35:11.0388 0x19d8  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:35:11.0402 0x19d8  nvsvc - ok
16:35:11.0406 0x19d8  [ 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3, 4C3C36ADC9EC0FDED3E3FFC7918680B643652AD39458FAA8525392DAD0ABD845 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:35:11.0407 0x19d8  nvvad_WaveExtensible - ok
16:35:11.0412 0x19d8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:35:11.0414 0x19d8  nv_agp - ok
16:35:11.0418 0x19d8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:35:11.0419 0x19d8  ohci1394 - ok
16:35:11.0503 0x19d8  [ 22A6759ED051B9D1FBF04E1E088ADBBA, 295D2CB3ED59B6689F594ABF3705E4523FDB91325E3C449CD4B45B184328F01B ] Origin Client Service D:\Programme (x99)\Origin\OriginClientService.exe
16:35:11.0535 0x19d8  Origin Client Service - ok
16:35:11.0614 0x19d8  [ 32B5DC6EDBD7E1433F4662110BC2A3F8, C2AC56AB98DF3813425A88BD6CF50BBA6FA4CD7EBC67000B4DD776AAAAC0CB86 ] Origin Web Helper Service D:\Programme (x99)\Origin\OriginWebHelperService.exe
16:35:11.0646 0x19d8  Origin Web Helper Service - ok
16:35:11.0655 0x19d8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:35:11.0658 0x19d8  ose - ok
16:35:11.0668 0x19d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:35:11.0674 0x19d8  p2pimsvc - ok
16:35:11.0687 0x19d8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:35:11.0695 0x19d8  p2psvc - ok
16:35:11.0699 0x19d8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:35:11.0701 0x19d8  Parport - ok
16:35:11.0705 0x19d8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:35:11.0706 0x19d8  partmgr - ok
16:35:11.0713 0x19d8  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:35:11.0717 0x19d8  PcaSvc - ok
16:35:11.0723 0x19d8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:35:11.0726 0x19d8  pci - ok
16:35:11.0729 0x19d8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:35:11.0730 0x19d8  pciide - ok
16:35:11.0736 0x19d8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:35:11.0740 0x19d8  pcmcia - ok
16:35:11.0744 0x19d8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:35:11.0745 0x19d8  pcw - ok
16:35:11.0761 0x19d8  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:35:11.0771 0x19d8  PEAUTH - ok
16:35:11.0789 0x19d8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:35:11.0790 0x19d8  PerfHost - ok
16:35:11.0826 0x19d8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:35:11.0849 0x19d8  pla - ok
16:35:11.0861 0x19d8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:35:11.0869 0x19d8  PlugPlay - ok
16:35:11.0871 0x19d8  PnkBstrA - ok
16:35:11.0874 0x19d8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:35:11.0875 0x19d8  PNRPAutoReg - ok
16:35:11.0885 0x19d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:35:11.0890 0x19d8  PNRPsvc - ok
16:35:11.0904 0x19d8  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:35:11.0912 0x19d8  PolicyAgent - ok
16:35:11.0919 0x19d8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:35:11.0923 0x19d8  Power - ok
16:35:11.0928 0x19d8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:35:11.0930 0x19d8  PptpMiniport - ok
16:35:11.0933 0x19d8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:35:11.0935 0x19d8  Processor - ok
16:35:11.0941 0x19d8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:35:11.0946 0x19d8  ProfSvc - ok
16:35:11.0949 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:35:11.0950 0x19d8  ProtectedStorage - ok
16:35:11.0955 0x19d8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:35:11.0957 0x19d8  Psched - ok
16:35:11.0990 0x19d8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:35:12.0013 0x19d8  ql2300 - ok
16:35:12.0019 0x19d8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:35:12.0021 0x19d8  ql40xx - ok
16:35:12.0029 0x19d8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:35:12.0033 0x19d8  QWAVE - ok
16:35:12.0037 0x19d8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:35:12.0038 0x19d8  QWAVEdrv - ok
16:35:12.0040 0x19d8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:35:12.0041 0x19d8  RasAcd - ok
16:35:12.0045 0x19d8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:35:12.0046 0x19d8  RasAgileVpn - ok
16:35:12.0051 0x19d8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:35:12.0053 0x19d8  RasAuto - ok
16:35:12.0058 0x19d8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:35:12.0060 0x19d8  Rasl2tp - ok
16:35:12.0070 0x19d8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:35:12.0076 0x19d8  RasMan - ok
16:35:12.0080 0x19d8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:35:12.0082 0x19d8  RasPppoe - ok
16:35:12.0086 0x19d8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:35:12.0088 0x19d8  RasSstp - ok
16:35:12.0097 0x19d8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:35:12.0102 0x19d8  rdbss - ok
16:35:12.0105 0x19d8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:35:12.0106 0x19d8  rdpbus - ok
16:35:12.0108 0x19d8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:35:12.0109 0x19d8  RDPCDD - ok
16:35:12.0112 0x19d8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:35:12.0113 0x19d8  RDPENCDD - ok
16:35:12.0116 0x19d8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:35:12.0116 0x19d8  RDPREFMP - ok
16:35:12.0123 0x19d8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:35:12.0127 0x19d8  RDPWD - ok
16:35:12.0134 0x19d8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:35:12.0138 0x19d8  rdyboost - ok
16:35:12.0142 0x19d8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:35:12.0144 0x19d8  RemoteAccess - ok
16:35:12.0150 0x19d8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:35:12.0154 0x19d8  RemoteRegistry - ok
16:35:12.0158 0x19d8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:35:12.0160 0x19d8  RpcEptMapper - ok
16:35:12.0162 0x19d8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:35:12.0163 0x19d8  RpcLocator - ok
16:35:12.0177 0x19d8  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
16:35:12.0185 0x19d8  RpcSs - ok
16:35:12.0190 0x19d8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:35:12.0191 0x19d8  rspndr - ok
16:35:12.0203 0x19d8  [ 712944C0A377E9B8743F95BD83E882D4, B437396B8D80EC8F121C93F18DE6F83D2DF7FC87D15D3DF8639D47EC28E0D1D4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:35:12.0209 0x19d8  RTL8167 - ok
16:35:12.0216 0x19d8  [ F71EEA505290B0AAD48850F0D750702D, FE3F30A2DCEFD4E6B6D558995FDB24911E089409E1F199EEE0912E045BBC6751 ] RzSynapse       C:\Windows\system32\DRIVERS\RzSynapse.sys
16:35:12.0219 0x19d8  RzSynapse - ok
16:35:12.0222 0x19d8  [ E13D43901EC079280A2A9BAD9A2CCDA7, D74702D49B0EF99FBCED5E16769606ED7977FC8D3ABE1691AE6AFE2B73AC784D ] SAlphamHid      C:\Windows\system32\DRIVERS\SAlpham64.sys
16:35:12.0223 0x19d8  SAlphamHid - ok
16:35:12.0226 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs           C:\Windows\system32\lsass.exe
16:35:12.0227 0x19d8  SamSs - ok
16:35:12.0231 0x19d8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:35:12.0233 0x19d8  sbp2port - ok
16:35:12.0240 0x19d8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:35:12.0243 0x19d8  SCardSvr - ok
16:35:12.0246 0x19d8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:35:12.0247 0x19d8  scfilter - ok
16:35:12.0273 0x19d8  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
16:35:12.0291 0x19d8  Schedule - ok
16:35:12.0295 0x19d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:35:12.0297 0x19d8  SCPolicySvc - ok
16:35:12.0303 0x19d8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:35:12.0307 0x19d8  SDRSVC - ok
16:35:12.0314 0x19d8  [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
16:35:12.0318 0x19d8  SeaPort - ok
16:35:12.0321 0x19d8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:35:12.0322 0x19d8  secdrv - ok
16:35:12.0325 0x19d8  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
16:35:12.0327 0x19d8  seclogon - ok
16:35:12.0331 0x19d8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:35:12.0333 0x19d8  SENS - ok
16:35:12.0336 0x19d8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:35:12.0338 0x19d8  SensrSvc - ok
16:35:12.0341 0x19d8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:35:12.0341 0x19d8  Serenum - ok
16:35:12.0346 0x19d8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:35:12.0347 0x19d8  Serial - ok
16:35:12.0350 0x19d8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:35:12.0351 0x19d8  sermouse - ok
16:35:12.0359 0x19d8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:35:12.0362 0x19d8  SessionEnv - ok
16:35:12.0364 0x19d8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:35:12.0365 0x19d8  sffdisk - ok
16:35:12.0368 0x19d8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:35:12.0368 0x19d8  sffp_mmc - ok
16:35:12.0371 0x19d8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:35:12.0371 0x19d8  sffp_sd - ok
16:35:12.0374 0x19d8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:35:12.0375 0x19d8  sfloppy - ok
16:35:12.0385 0x19d8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:35:12.0391 0x19d8  SharedAccess - ok
16:35:12.0401 0x19d8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:35:12.0408 0x19d8  ShellHWDetection - ok
16:35:12.0411 0x19d8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:35:12.0412 0x19d8  SiSRaid2 - ok
16:35:12.0416 0x19d8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:35:12.0418 0x19d8  SiSRaid4 - ok
16:35:12.0427 0x19d8  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:35:12.0432 0x19d8  SkypeUpdate - ok
16:35:12.0436 0x19d8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:35:12.0438 0x19d8  Smb - ok
16:35:12.0449 0x19d8  [ 6BE4695ABDD71DFEEA433EEDC1EE2C62, 4D262EC3598DE67E82CBBE4283C719F4C5D5E30590F73F54FBB07578AA83C298 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
16:35:12.0453 0x19d8  snapman - ok
16:35:12.0456 0x19d8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:35:12.0457 0x19d8  SNMPTRAP - ok
16:35:12.0461 0x19d8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:35:12.0462 0x19d8  spldr - ok
16:35:12.0476 0x19d8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:35:12.0486 0x19d8  Spooler - ok
16:35:12.0558 0x19d8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:35:12.0611 0x19d8  sppsvc - ok
16:35:12.0617 0x19d8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:35:12.0619 0x19d8  sppuinotify - ok
16:35:12.0632 0x19d8  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:35:12.0639 0x19d8  srv - ok
16:35:12.0651 0x19d8  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:35:12.0657 0x19d8  srv2 - ok
16:35:12.0663 0x19d8  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:35:12.0666 0x19d8  srvnet - ok
16:35:12.0673 0x19d8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:35:12.0677 0x19d8  SSDPSRV - ok
16:35:12.0681 0x19d8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:35:12.0683 0x19d8  SstpSvc - ok
16:35:12.0717 0x19d8  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:35:12.0739 0x19d8  Steam Client Service - ok
16:35:12.0753 0x19d8  [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:35:12.0760 0x19d8  Stereo Service - ok
16:35:12.0763 0x19d8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:35:12.0764 0x19d8  stexstor - ok
16:35:12.0780 0x19d8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:35:12.0790 0x19d8  stisvc - ok
16:35:12.0794 0x19d8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:35:12.0794 0x19d8  swenum - ok
16:35:12.0809 0x19d8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:35:12.0817 0x19d8  swprv - ok
16:35:12.0859 0x19d8  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
16:35:12.0892 0x19d8  SysMain - ok
16:35:12.0898 0x19d8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:35:12.0901 0x19d8  TabletInputService - ok
16:35:12.0905 0x19d8  [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
16:35:12.0906 0x19d8  tap0901 - ok
16:35:12.0909 0x19d8  [ B70DF208E97536CA9F29289E609F5B16, 5D2AF3DE64A6DAF8F0EA8C1F05B13660EA9428450516A6B3FA8AB0C3B3218E2D ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
16:35:12.0910 0x19d8  taphss - ok
16:35:12.0920 0x19d8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:35:12.0926 0x19d8  TapiSrv - ok
16:35:12.0967 0x19d8  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:35:12.0994 0x19d8  Tcpip - ok
16:35:13.0038 0x19d8  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:35:13.0065 0x19d8  TCPIP6 - ok
16:35:13.0072 0x19d8  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:35:13.0073 0x19d8  tcpipreg - ok
16:35:13.0076 0x19d8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:35:13.0077 0x19d8  TDPIPE - ok
16:35:13.0080 0x19d8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:35:13.0081 0x19d8  TDTCP - ok
16:35:13.0085 0x19d8  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:35:13.0087 0x19d8  tdx - ok
16:35:13.0240 0x19d8  [ 2E7EFE9F59DA5EF7AAAE5712324FAAFD, 960130B0559F59AF3FF6DA1E6D11CAF663CEA2BCDAC3263699D67D20C1360318 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:35:13.0342 0x19d8  TeamViewer - ok
16:35:13.0351 0x19d8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:35:13.0352 0x19d8  TermDD - ok
16:35:13.0371 0x19d8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:35:13.0382 0x19d8  TermService - ok
16:35:13.0386 0x19d8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:35:13.0388 0x19d8  Themes - ok
16:35:13.0392 0x19d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:35:13.0393 0x19d8  THREADORDER - ok
16:35:13.0399 0x19d8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:35:13.0402 0x19d8  TrkWks - ok
16:35:13.0410 0x19d8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:35:13.0413 0x19d8  TrustedInstaller - ok
16:35:13.0417 0x19d8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:13.0418 0x19d8  tssecsrv - ok
16:35:13.0421 0x19d8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:35:13.0423 0x19d8  TsUsbFlt - ok
16:35:13.0426 0x19d8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:35:13.0427 0x19d8  TsUsbGD - ok
16:35:13.0432 0x19d8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:35:13.0434 0x19d8  tunnel - ok
16:35:13.0438 0x19d8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:35:13.0439 0x19d8  uagp35 - ok
16:35:13.0448 0x19d8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:35:13.0454 0x19d8  udfs - ok
16:35:13.0459 0x19d8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:35:13.0461 0x19d8  UI0Detect - ok
16:35:13.0465 0x19d8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:35:13.0466 0x19d8  uliagpkx - ok
16:35:13.0469 0x19d8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:35:13.0471 0x19d8  umbus - ok
16:35:13.0473 0x19d8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:35:13.0474 0x19d8  UmPass - ok
16:35:13.0529 0x19d8  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:35:13.0568 0x19d8  UNS - ok
16:35:13.0573 0x19d8  [ 8F387A1CC015A3F5020700C657A0FC85, 6C3585887858F357C353102CAE5915A26B812C35374BF0126CE2AB1EF4A58EF8 ] UnsignedThemes  C:\Windows\UnsignedThemesSvc.exe
16:35:13.0574 0x19d8  UnsignedThemes - ok
16:35:13.0584 0x19d8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:35:13.0591 0x19d8  upnphost - ok
16:35:13.0596 0x19d8  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:35:13.0597 0x19d8  USBAAPL64 - ok
16:35:13.0602 0x19d8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:35:13.0604 0x19d8  usbaudio - ok
16:35:13.0608 0x19d8  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
16:35:13.0610 0x19d8  usbccgp - ok
16:35:13.0615 0x19d8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:35:13.0616 0x19d8  usbcir - ok
16:35:13.0620 0x19d8  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:35:13.0621 0x19d8  usbehci - ok
16:35:13.0631 0x19d8  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
16:35:13.0637 0x19d8  usbhub - ok
16:35:13.0640 0x19d8  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:35:13.0641 0x19d8  usbohci - ok
16:35:13.0644 0x19d8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:35:13.0645 0x19d8  usbprint - ok
16:35:13.0649 0x19d8  [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
16:35:13.0651 0x19d8  USBS3S4Detection - ok
16:35:13.0655 0x19d8  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
16:35:13.0657 0x19d8  USBSTOR - ok
16:35:13.0660 0x19d8  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:35:13.0661 0x19d8  usbuhci - ok
16:35:13.0664 0x19d8  [ 297EE9C666FC8BB96A232DB0DDBA1E49, C4A3BC7495034E32BB2E0100DB0D9A64EE70F65B0F629F4F099412D03ABE8178 ] uxpatch         C:\Windows\system32\drivers\uxpatch.sys
16:35:13.0665 0x19d8  uxpatch - ok
16:35:13.0669 0x19d8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:35:13.0671 0x19d8  UxSms - ok
16:35:13.0673 0x19d8  [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc        C:\Windows\system32\lsass.exe
16:35:13.0674 0x19d8  VaultSvc - ok
16:35:13.0678 0x19d8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:35:13.0679 0x19d8  vdrvroot - ok
16:35:13.0693 0x19d8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:35:13.0702 0x19d8  vds - ok
16:35:13.0705 0x19d8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:13.0706 0x19d8  vga - ok
16:35:13.0709 0x19d8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:35:13.0710 0x19d8  VgaSave - ok
16:35:13.0717 0x19d8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:35:13.0720 0x19d8  vhdmp - ok
16:35:13.0723 0x19d8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:35:13.0724 0x19d8  viaide - ok
16:35:13.0728 0x19d8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:35:13.0729 0x19d8  volmgr - ok
16:35:13.0740 0x19d8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:35:13.0746 0x19d8  volmgrx - ok
16:35:13.0755 0x19d8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:35:13.0759 0x19d8  volsnap - ok
16:35:13.0765 0x19d8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:35:13.0768 0x19d8  vsmraid - ok
16:35:13.0803 0x19d8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:35:13.0827 0x19d8  VSS - ok
16:35:13.0831 0x19d8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:35:13.0832 0x19d8  vwifibus - ok
16:35:13.0843 0x19d8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:35:13.0849 0x19d8  W32Time - ok
16:35:13.0853 0x19d8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:35:13.0854 0x19d8  WacomPen - ok
16:35:13.0859 0x19d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:35:13.0860 0x19d8  WANARP - ok
16:35:13.0864 0x19d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:35:13.0866 0x19d8  Wanarpv6 - ok
16:35:13.0895 0x19d8  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:35:13.0913 0x19d8  WatAdminSvc - ok
16:35:13.0947 0x19d8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:35:13.0971 0x19d8  wbengine - ok
16:35:13.0979 0x19d8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:35:13.0983 0x19d8  WbioSrvc - ok
16:35:13.0994 0x19d8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:35:14.0001 0x19d8  wcncsvc - ok
16:35:14.0004 0x19d8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:35:14.0006 0x19d8  WcsPlugInService - ok
16:35:14.0009 0x19d8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:35:14.0009 0x19d8  Wd - ok
16:35:14.0028 0x19d8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:35:14.0040 0x19d8  Wdf01000 - ok
16:35:14.0045 0x19d8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:35:14.0048 0x19d8  WdiServiceHost - ok
16:35:14.0051 0x19d8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:35:14.0054 0x19d8  WdiSystemHost - ok
16:35:14.0062 0x19d8  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
16:35:14.0067 0x19d8  WebClient - ok
16:35:14.0074 0x19d8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:35:14.0079 0x19d8  Wecsvc - ok
16:35:14.0083 0x19d8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:35:14.0086 0x19d8  wercplsupport - ok
16:35:14.0090 0x19d8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:35:14.0093 0x19d8  WerSvc - ok
16:35:14.0095 0x19d8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:35:14.0096 0x19d8  WfpLwf - ok
16:35:14.0099 0x19d8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:35:14.0100 0x19d8  WIMMount - ok
16:35:14.0102 0x19d8  WinDefend - ok
16:35:14.0105 0x19d8  WinHttpAutoProxySvc - ok
16:35:14.0116 0x19d8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:35:14.0120 0x19d8  Winmgmt - ok
16:35:14.0162 0x19d8  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:35:14.0193 0x19d8  WinRM - ok
16:35:14.0200 0x19d8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:35:14.0201 0x19d8  WinUsb - ok
16:35:14.0223 0x19d8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:35:14.0237 0x19d8  Wlansvc - ok
16:35:14.0243 0x19d8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:35:14.0244 0x19d8  wlcrasvc - ok
16:35:14.0298 0x19d8  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:35:14.0332 0x19d8  wlidsvc - ok
16:35:14.0337 0x19d8  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum         C:\Windows\system32\drivers\WmBEnum.sys
16:35:14.0338 0x19d8  WmBEnum - ok
16:35:14.0342 0x19d8  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
16:35:14.0343 0x19d8  WmFilter - ok
16:35:14.0346 0x19d8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:35:14.0346 0x19d8  WmiAcpi - ok
16:35:14.0355 0x19d8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:35:14.0358 0x19d8  wmiApSrv - ok
16:35:14.0360 0x19d8  WMPNetworkSvc - ok
16:35:14.0363 0x19d8  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
16:35:14.0364 0x19d8  WmVirHid - ok
16:35:14.0368 0x19d8  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
16:35:14.0369 0x19d8  WmXlCore - ok
16:35:14.0372 0x19d8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:35:14.0374 0x19d8  WPCSvc - ok
16:35:14.0378 0x19d8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:35:14.0381 0x19d8  WPDBusEnum - ok
16:35:14.0385 0x19d8  WPS - ok
16:35:14.0388 0x19d8  WpsHelper - ok
16:35:14.0391 0x19d8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:35:14.0392 0x19d8  ws2ifsl - ok
16:35:14.0396 0x19d8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:35:14.0399 0x19d8  wscsvc - ok
16:35:14.0401 0x19d8  WSearch - ok
16:35:14.0456 0x19d8  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:35:14.0496 0x19d8  wuauserv - ok
16:35:14.0502 0x19d8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:35:14.0504 0x19d8  WudfPf - ok
16:35:14.0511 0x19d8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:14.0515 0x19d8  WUDFRd - ok
16:35:14.0519 0x19d8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:35:14.0521 0x19d8  wudfsvc - ok
16:35:14.0529 0x19d8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:35:14.0534 0x19d8  WwanSvc - ok
16:35:14.0539 0x19d8  [ 38F55D07B1D3391065C40EC065F984E2, 056F5E3034C4C11403D74F44A364964A3A5945608DAE2A03EF025A22F5C31B26 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
16:35:14.0541 0x19d8  xusb21 - ok
16:35:14.0546 0x19d8  ================ Scan global ===============================
16:35:14.0549 0x19d8  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:35:14.0556 0x19d8  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
16:35:14.0566 0x19d8  [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
16:35:14.0573 0x19d8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:35:14.0583 0x19d8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:35:14.0589 0x19d8  [ Global ] - ok
16:35:14.0589 0x19d8  ================ Scan MBR ==================================
16:35:14.0591 0x19d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:35:14.0701 0x19d8  \Device\Harddisk0\DR0 - ok
16:35:14.0703 0x19d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:35:14.0710 0x19d8  \Device\Harddisk1\DR1 - ok
16:35:14.0710 0x19d8  ================ Scan VBR ==================================
16:35:14.0713 0x19d8  [ 28ADF5267C89E0509072D19D435C2F73 ] \Device\Harddisk0\DR0\Partition1
16:35:14.0715 0x19d8  \Device\Harddisk0\DR0\Partition1 - ok
16:35:14.0718 0x19d8  [ 0B5FE987860EE4F2E1F8EE0157BBF36B ] \Device\Harddisk0\DR0\Partition2
16:35:14.0720 0x19d8  \Device\Harddisk0\DR0\Partition2 - ok
16:35:14.0722 0x19d8  [ E6284166E5DB0628F0696E2E8EBDB9E3 ] \Device\Harddisk1\DR1\Partition1
16:35:14.0724 0x19d8  \Device\Harddisk1\DR1\Partition1 - ok
16:35:14.0725 0x19d8  ================ Scan generic autorun ======================
16:35:14.0978 0x19d8  [ B70154747BEB45DAAB358C802F7A9142, 00AD5A8EE5FEDF8D97D6D623362282AEAF8684776D370705659E8526D1E7B57C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:35:15.0209 0x19d8  RtHDVCpl - ok
16:35:15.0230 0x19d8  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:35:15.0239 0x19d8  AdobeAAMUpdater-1.0 - ok
16:35:15.0249 0x19d8  [ C8DDBB940B54925B919B3C17711F4F92, 5BBBF3241DD541343B345237188647A8BC493862A0DECAAE1C05ACFD5235E1CA ] C:\Program Files (x86)\Common Files\Intel\Schedule2\schedhlp.exe
16:35:15.0256 0x19d8  Intel Scheduler2 Service - ok
16:35:15.0307 0x19d8  [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:35:15.0351 0x19d8  NvBackend - ok
16:35:15.0356 0x19d8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:35:15.0359 0x19d8  ShadowPlay - ok
16:35:15.0368 0x19d8  [ 75AD45ED633B866D90AEAA296C21F7E8, 6211E788258298EAE520A0A0510E66BCA0E280F4958B454919C270D0F53931D9 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
16:35:15.0373 0x19d8  SuiteTray - ok
16:35:15.0384 0x19d8  [ E7EA57B35951D093A9647D8D5CE3340D, 7F88A5F07CF05E43BFA40A72C74DDDAB480C493E302A2532C2FA2A28D2F3D2D5 ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
16:35:15.0391 0x19d8  EgisTecPMMUpdate - ok
16:35:15.0397 0x19d8  [ DC1AA3868108B8FF57F6C8045FCD4603, 6D32849D6296ABD24B56628161075299A2E0A5FF2071F3C1FD08DD4876C020F0 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
16:35:15.0400 0x19d8  EgisUpdate - ok
16:35:15.0400 0x19d8  Norton Online Backup - ok
16:35:15.0407 0x19d8  [ 0600CB2613BEA0C6C0987B58D56D77B9, BFA2AC5BBC90E49A7A1C4D890C79ED4A757CB4C9C8215174F51430962BF346F4 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
16:35:15.0408 0x19d8  Adobe Reader Speed Launcher - ok
16:35:15.0417 0x19d8  [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
16:35:15.0421 0x19d8  IAStorIcon - ok
16:35:15.0437 0x19d8  [ 2EA4B2BC3260CF3D20F6A164B362F6D4, 04E9262329F7B326468B6E57502CBD600B6BFF578E63242404FF612C1DBD08DE ] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
16:35:15.0448 0x19d8  Hotkey Utility - ok
16:35:15.0475 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0499 0x19d8  Sidebar - ok
16:35:15.0503 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0507 0x19d8  mctadmin - ok
16:35:15.0508 0x19d8  IsMyWinLockerReboot - ok
16:35:15.0535 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0553 0x19d8  Sidebar - ok
16:35:15.0558 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0560 0x19d8  mctadmin - ok
16:35:15.0561 0x19d8  IsMyWinLockerReboot - ok
16:35:15.0565 0x19d8  [REGKEY] - ok
16:35:15.0592 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0609 0x19d8  Sidebar - ok
16:35:15.0614 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0616 0x19d8  mctadmin - ok
16:35:15.0622 0x19d8  [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
16:35:15.0633 0x19d8  ScrSav - ok
16:35:15.0660 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0677 0x19d8  Sidebar - ok
16:35:15.0682 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0684 0x19d8  mctadmin - ok
16:35:15.0690 0x19d8  [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
16:35:15.0692 0x19d8  ScrSav - ok
16:35:15.0719 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0736 0x19d8  Sidebar - ok
16:35:15.0741 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0743 0x19d8  mctadmin - ok
16:35:15.0749 0x19d8  [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
16:35:15.0751 0x19d8  ScrSav - ok
16:35:15.0779 0x19d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:35:15.0795 0x19d8  Sidebar - ok
16:35:15.0801 0x19d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:35:15.0803 0x19d8  mctadmin - ok
16:35:15.0808 0x19d8  [ 6E9DBF6B982AEA2EC6614F0B81AB2846, BEBD1E26E3C2810B19A71446A2CC5B9BD9436E802DD8CD0432DFC35BFF248593 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
16:35:15.0811 0x19d8  ScrSav - ok
16:35:15.0811 0x19d8  Waiting for KSN requests completion. In queue: 137
16:35:16.0871 0x19d8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.22.49 ), 0x41000 ( enabled : updated )
16:35:16.0875 0x19d8  Win FW state via NFP2: enabled ( trusted )
16:35:17.0118 0x19d8  ============================================================
16:35:17.0118 0x19d8  Scan finished
16:35:17.0118 0x19d8  ============================================================
16:35:17.0127 0x1990  Detected object count: 0
16:35:17.0127 0x1990  Actual detected object count: 0
16:36:03.0196 0x1c90  Deinitialize success

M-K-D-B · 21.10.2016, 13:18

Servus,

Zukünftig bitte beachten:

Zitat:

Gestartet von C:\Users\Alexander\Downloads

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
- Chrome Einstellungen
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

crtys · 21.10.2016, 14:19

Hallo Matthias,
ich glaube das Problem hat sich in Luft aufgelöst. Kann wieder unmittelbar nach dem Start des Computers auf alle Netzwerkfunktionen zugreifen. Jedoch vielen Dank für deine Mühe!

Gruß
crtys

M-K-D-B · 21.10.2016, 20:54

Zitat:

Zitat von crtys

ich glaube das Problem hat sich in Luft aufgelöst. Kann wieder unmittelbar nach dem Start des Computers auf alle Netzwerkfunktionen zugreifen. Jedoch vielen Dank für deine Mühe!

Du weißt, dass dein Rechner mit Adware infiziert ist?

Aufgrund der Infizierung schlage ich vor, dass du die Bereinigung mit mir durchziehst, bis wir fertig sind.

crtys · 23.10.2016, 12:07

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v6.030 - Bericht erstellt am 23/10/2016 um 13:05:08
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-10-23.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Alexander - ALEXANDER-PC
# Gestartet von : C:\Users\Alexander\Desktop\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Local\PackageAware
[-] Ordner gelöscht: C:\Users\Alexander\AppData\LocalLow\Conduit
[-] Ordner gelöscht: C:\Users\Alexander\AppData\LocalLow\DVDVideoSoftTB
[-] Ordner gelöscht: C:\Users\Alexander\AppData\LocalLow\PriceGong
[-] Ordner gelöscht: C:\Users\Alexander\AppData\LocalLow\Toolbar4
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Roaming\BabSolution
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Roaming\Babylon
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Roaming\OpenCandy
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[-] Ordner gelöscht: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\Smartbar
[-] Ordner gelöscht: C:\ProgramData\Ask
[-] Ordner gelöscht: C:\ProgramData\Babylon
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Ask
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Babylon
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
[-] Ordner gelöscht: C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
[-] Ordner gelöscht: C:\Users\ALEXAN~1\AppData\Local\Temp\APN-Stub
[-] Ordner gelöscht: C:\Users\ALEXAN~1\AppData\Local\Temp\APNLogs


***** [ Dateien ] *****

[-] Datei gelöscht: C:\END
[#] Datei gelöscht: C:\Users\ALEXAN~1\AppData\Local\Temp\OptimizerPro.exe
[-] Datei gelöscht: C:\user.js
[-] Datei gelöscht: C:\prefs.js


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKCU\Software\96d6dab439bd46
[-] Schlüssel gelöscht: HKLM\SOFTWARE\96d6dab439bd46
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar.CT1561552
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar.CT2269050
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar.CT2851647
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Applications\iLividSetup.exe
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Classes\bndle
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\bndle
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Babylon.dskBnd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\bbylnApp.appCore
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbTask
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\bndle
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Babylon.dskBnd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\bbylnApp.appCore
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Prod.cap
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{338B4DFE-2E2C-4338-9E41-E176D497299E}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Wert gelöscht: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\BabylonToolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\DataMngr_Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\ImInstaller
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\InstallCore
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Softonic
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Somoto Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\SweetIM
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Wajam
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Zugo
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Spark
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\AppDataLow\Toolbar
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\AppDataLow\Software\PriceGong
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\BabylonToolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\DataMngr_Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ImInstaller
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\InstallCore
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Somoto Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Zugo
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Spark
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\StartNow Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\AppDataLow\Software\PriceGong
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Babylon
[-] Schlüssel gelöscht: HKLM\SOFTWARE\BabylonToolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Wajam
[-] Schlüssel gelöscht: HKLM\SOFTWARE\systweak
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4627CDA0-4D39-4573-A4B0-B637780DD2AB}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B0EE1CE-B2EF-49D6-AF4D-EBF8240EF2C2}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\BabylonToolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\DataMngr_Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ImInstaller
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\InstallCore
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Softonic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Somoto Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetIM
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Wajam
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Zugo
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Spark
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Toolbar
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\AppDataLow\Software\PriceGong
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3003065676-2518410820-2162268670-1000\Products\363FB0CBBA367FF4E81FEAD0F717B142
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] 
[-] Wert gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Schlüssel gelöscht: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.sidecubes.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.sidecubes.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\superfish.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
[-] Wert gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
[#] Schlüssel mit Neustart gelöscht: HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\CLASSES\b


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\Users\Alexander\Desktop\AdwCleaner\AdwCleaner[C0].txt - [31556 Bytes] - [23/10/2016 13:05:08]
C:\Users\Alexander\Desktop\AdwCleaner\AdwCleaner[S0].txt - [29496 Bytes] - [23/10/2016 13:04:24]

########## EOF - C:\Users\Alexander\Desktop\AdwCleaner\AdwCleaner[C0].txt - [31752 Bytes] ##########

--- --- ---

M-K-D-B · 23.10.2016, 12:25

Gut gemacht.

Fehlen nur noch die restlichen Schritte.

crtys · 23.10.2016, 14:25

Rest folgt, habe gerade nach Schritt 2 einen grauen Bildschirm, ist das normal ?

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 23.10.2016
Suchlaufzeit: 13:09
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.10.23.02
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Alexander

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 420259
Abgelaufene Zeit: 10 Min., 32 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 28
PUP.Optional.QuickShare, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, In Quarantäne, [cad485178713290d91de781a91715ca4], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}, In Quarantäne, [9fff54485b3f03332d58dcb2ad55db25], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}, In Quarantäne, [e0be3468a0fa0d29bdc7e6a82bd7f808], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{706D4A4B-184A-4434-B331-296B07493D2D}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{8BE10F21-185F-4CA0-B789-9921674C3993}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{94C0B25D-3359-4B10-B227-F96A77DB773F}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B173667F-8395-4317-8DD6-45AD1FE00047}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{B32672B3-F656-46E0-B584-FE61C0BB6037}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{C2996524-2187-441F-A398-CD6CB6B3D020}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E047E227-5342-4D94-80F7-CFB154BF55BD}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.BabylonToolBar, HKLM\SOFTWARE\CLASSES\INTERFACE\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}, In Quarantäne, [bde18616d0ca7fb7770d286657ab43bd], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\CLASSES\Toolbar3.ContextMenuNotifier, In Quarantäne, [1b836b31c8d2a78f8a0ed8bed2300bf5], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\CLASSES\Toolbar3.ContextMenuNotifier.1, In Quarantäne, [039b7725e2b8f0462870692d10f2649c], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.ContextMenuNotifier, In Quarantäne, [039b7725e2b8f0462870692d10f2649c], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar3.ContextMenuNotifier.1, In Quarantäne, [039b7725e2b8f0462870692d10f2649c], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.ContextMenuNotifier, In Quarantäne, [039b7725e2b8f0462870692d10f2649c], 
PUP.Optional.CouponBar, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Toolbar3.ContextMenuNotifier.1, In Quarantäne, [039b7725e2b8f0462870692d10f2649c], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUser66C21F85B9F442ADBADF7F6852645DE5, Löschen bei Neustart, [5e4029731a80d75ff848713d7d86c838], 
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceA2A9BD43CFE14675B6171B3216CF3402, Löschen bei Neustart, [4757108cf7a3e0568db30da118ebb64a], 
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{420FF7FA-619E-4AA7-8D65-0D2658B8BD67}, In Quarantäne, [dbc35349ff9b12242767d5c7778c0cf4], 
PUP.Optional.SmartBar, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\amfclgbdpgndipgoegfpkkgobahigbcl, In Quarantäne, [2f6f59433565c571c83996f050b3f50b], 
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\SMARTBAR, In Quarantäne, [c0dee1bbf1a9fb3b66eafeb7847f34cc], 

Registrierungswerte: 3
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [67379a02ceccde58930c32b2788af20e]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{420FF7FA-619E-4AA7-8D65-0D2658B8BD67}|AppPath, C:\Users\Alexander\AppData\Local\Conduit\CT2269050, In Quarantäne, [dbc35349ff9b12242767d5c7778c0cf4]
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\SMARTBAR|publisher, SnapDoForPartners, In Quarantäne, [c0dee1bbf1a9fb3b66eafeb7847f34cc]

Registrierungsdaten: 9
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[2f6f05973268df57f52e1d5b44c00ef2]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,),Ersetzt,[0896b5e75f3b8ea8978a92e6be46d42c]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[2e70dfbd683267cfc35ecfa9986c837d]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[c6d85646debc7bbbed3452267d87c23e]
PUP.Optional.SnapDo, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[336bafed46547db9b0729ddbea1a53ad]
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNMmBKeGfIzAd5IJ04LJ_dkzh46hdLxBDNCnN-PfXA9IgeTX1otw,,),Ersetzt,[673715879109a98dad740e6a9173c040]
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[e1bd4d4f04967fb73fe29cdc689c619f]
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[514d217ba0fae155bc658deb84808878]
PUP.Optional.SnapDo, HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbroKbinxx1-MdIH8F1JqckJx9mqy90E4qCOfPk6NizsuQuVs5Ef0Il8z4-gs0i0YYlLOl5sf-mMwqEc86a-Z2544Od5LZRljF1zpwp9jwbhUB1zwXZsn65exCNPqpGVVFj9_0HjfwLmI5s5Icl0opj8LrM1MpvZSOwXDZPCEFdDA,,&q={searchTerms}),Ersetzt,[cdd19606eab0d95dc9597ff943c131cf]

Ordner: 4
PUP.Optional.ASK, C:\Windows\Temp\APNLogs, In Quarantäne, [2e702c70d1c9f73f8283ae23a85a4fb1], 
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub, In Quarantäne, [f7a74458376347efd2dac9fa61a1e31d], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 

Dateien: 117
PUP.Optional.OptimizePro, C:\ProgramData\Avira\Antivirus\TEMP\AVSCAN-20161023-130508-8C30AB75\AVSCAN-20161023-130524-8EF15B49, Löschen bei Neustart, [8b13dbc1b0eaeb4ba62c8e9323dd728e], 
PUP.Optional.Wajam, C:\Users\Alexander\AppData\Local\Temp\wajam_install.exe, In Quarantäne, [0e90b4e87b1ff73f4909c45ea35d847c], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Local\Temp\tbHots.dll, In Quarantäne, [623c5646613989ade50ceea13dc78d73], 
PUP.Optional.Somoto, C:\Users\Alexander\AppData\Local\Temp\BetterInstaller.exe, In Quarantäne, [a8f6adefbfdb56e0753f121b22dfb14f], 
Trojan.RotBrowse, C:\Users\Alexander\AppData\Local\Temp\257D.tmp, In Quarantäne, [e8b60498a3f70a2c8a9239eff90b55ab], 
HackTool.Agent.H, C:\Users\Alexander\AppData\Local\Temp\Winject.exe, In Quarantäne, [66387428a7f31026a577908a20e2ab55], 
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Local\Temp\conduitinstaller.exe, In Quarantäne, [920c009cd3c74ee8ad71d2e3e21f08f8], 
PUP.Optional.Iminent, C:\Users\Alexander\AppData\Local\Temp\IminentSetup.exe, In Quarantäne, [e8b6f3a94f4be0568ae988a33fc2b64a], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Local\Temp\is1070216317\MyBabylonTB.exe, In Quarantäne, [6539544856445adc92e1d54b27d9b050], 
PUP.Optional.Wajam, C:\Users\Alexander\AppData\Local\Temp\is1070216317\wajam_download.exe, In Quarantäne, [445a47559ffb0135133fc55d9070c33d], 
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Local\Temp\ct2269050\ffLogic.exe, In Quarantäne, [9b03c3d924760d2986983184ec153cc4], 
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Local\Temp\ct2269050\ieLogic.exe, In Quarantäne, [a4fa6834eab043f35fbf3580e12041bf], 
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Local\Temp\ct2269050\statisticsStub.exe, In Quarantäne, [940a7e1e84160e2843dbd5e0ac558f71], 
PUP.Optional.BabSolution, C:\Users\Alexander\AppData\Local\Temp\bus4826\BUSolution.dll, In Quarantäne, [f6a85a42d4c6e84e4087be6b57aaa45c], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Local\Temp\06E8C767-BAB0-7891-9DEA-D2B2CE7441F7\Latest\BabMaint.exe, In Quarantäne, [5945435934663ef84f8066f9d133b54b], 
Trojan.RotBrowse, C:\Users\Alexander\AppData\Local\Temp\06E8C767-BAB0-7891-9DEA-D2B2CE7441F7\Latest\ccp.exe, In Quarantäne, [38665d3fb9e1d165fd1f90980400cb35], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Local\Temp\06E8C767-BAB0-7891-9DEA-D2B2CE7441F7\Latest\CrxInstaller.dll, In Quarantäne, [910d7824ebaf4ee8e5e52ffab84926da], 
PUP.Optional.Delta, C:\Users\Alexander\AppData\Local\Temp\06E8C767-BAB0-7891-9DEA-D2B2CE7441F7\Latest\MyDeltaTB.exe, In Quarantäne, [247acbd15644e4525543376c9769936d], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Local\Temp\06E8C767-BAB0-7891-9DEA-D2B2CE7441F7\Latest\Setup.exe, In Quarantäne, [f4aaf8a4aaf0be7837390c140000f907], 
Adware.SmartBar, C:\Users\Alexander\AppData\Local\Temp\ae6b6d30-0f48-4ed8-b80f-d01e82cc5ca1\LinkuryInstaller.msi, In Quarantäne, [76288814fb9fc4729654a0077d84f808], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Local\Temp\updA12E\BabMaint.x, In Quarantäne, [3f5f9705e8b289ada42b68f7f60e3ac6], 
PUP.Optional.APNToolBar, C:\Windows\Temp\avnwldrtemp\setup\Offercast_AVIRAV7_.exe, In Quarantäne, [1985613be7b366d09d1e5ecba55c1ae6], 
PUP.Optional.SmartBar, C:\Windows\Installer\180ff.msi, In Quarantäne, [b8e6b7e59901ab8bd19e65aff9078878], 
PUP.Optional.ASK, C:\Windows\Temp\APNLogs\ic.log, In Quarantäne, [2e702c70d1c9f73f8283ae23a85a4fb1], 
PUP.Optional.Delta.ShrtCln, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage, In Quarantäne, [c6d8019bfb9fd660e4077a699e64b34d], 
PUP.Optional.Delta.ShrtCln, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.delta-search.com_0.localstorage-journal, In Quarantäne, [3c62900c48521a1cce1de5feee1443bd], 
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\MyStart Search.xml, In Quarantäne, [a6f809937228ef47e5fa38b504fec739], 
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\conduit.xml, In Quarantäne, [ecb2336907935dd9b119a4f727dc27d9], 
PUP.Optional.SideCubes, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sidecubes.com_0.localstorage, In Quarantäne, [c2dcefad2476d165eecf5460847fe818], 
PUP.Optional.SideCubes, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.sidecubes.com_0.localstorage-journal, In Quarantäne, [4d51b0ec9208013517a6902492714bb5], 
PUP.Optional.SmartBar, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage, In Quarantäne, [326c009c405ad264d50ef1c38e75e719], 
PUP.Optional.SmartBar, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_amfclgbdpgndipgoegfpkkgobahigbcl_0.localstorage-journal, In Quarantäne, [e6b8bce021792b0b3ca730848a79a55b], 
PUP.Optional.WebSearch, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\searchplugins\Web Search.xml, In Quarantäne, [a5f9b1eb9bff77bf5751d3e8d52e6c94], 
PUP.Optional.SafeFinder.ShrtCln, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage, In Quarantäne, [adf10a92306ae056815e0ac520e4b34d], 
PUP.Optional.SafeFinder.ShrtCln, C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal, In Quarantäne, [9d01b4e85e3cf541b22d468981839a66], 
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\Stb0416468b-52df-42ca-8c65-d0980e0bb998.log, In Quarantäne, [f7a74458376347efd2dac9fa61a1e31d], 
PUP.Optional.ASK.Gen, C:\Windows\Temp\APN-Stub\Stb3a14e02f-ae95-4a2a-841f-4ea3222a1b3b.log, In Quarantäne, [f7a74458376347efd2dac9fa61a1e31d], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.1000034.Settings, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.1000082.currentList, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.1000082.localStations, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.1000082.nowPlaying, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.1000082.publisherStations, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.128834881989343895.search.selectedEngineId, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.128834881989343895.search.settings, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.AlertService, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.AlertsInfoData, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.appOptions, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.cookiesRepo, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.NotificationSettings, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.NOTIFICATION_ID.alert_login_service, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.NOTIFICATION_ID.notifications_serviceMap, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_translation, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_toolbarSettings, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_translation, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_appsMetadata, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_appTrackingFirstTime, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_gottenAppsContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_login, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_optimizer, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_otherAppsContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_searchAPI, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_serviceMap, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_toolbarContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbar_initializing_logger.txt, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\uninstallData, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\uninstallUrl, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.pg_conf_global, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_toolbarContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_RAW.serviceLayer_services_toolbarSettings, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.savedPositions, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.searchProtectorData, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050.skin, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_appsMetadata, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_appTrackingFirstTime, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_gottenAppsContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_login, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_optimizer, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_otherAppsContextMenu, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_searchAPI, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\CT2269050_10.10.2.10.serviceLayer_services_serviceMap, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634382054836300000.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634067677527028750.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634084057716610000.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634084059408641250.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634084059786610000.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634084060404266250.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634262976368243750.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634265435748037500.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_50_226_CT2269050_Images_634382053378175000.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_images_ClientImages_radio.gif, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_MarketPlace_07_ddd_07caac71-eac9-4963-9fa6-f6c1cc836ddd_Appearance_634581083935348787.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\http___storage_conduit_com_MarketPlace_d2_909_d2d47f0a-2c1d-48a1-8dba-fdebac043909_Appearance_634726116365249321.png, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.ConduitTB.Gen, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\CT2269050\toolbarImages\storage.conduit.com, In Quarantäne, [48566339bdddc6706b141baac53d3dc3], 
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=113480&tt=3312_2&babsrc=NT_ss&mntrId=b08305a70000000000003860775e8b90");), Ersetzt,[2c722b718d0deb4bd8b499ff947041bf]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.admin", false);), Ersetzt,[148a3864cad0989ec7c61f790cf86e92]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you m), Ersetzt,[e1bdcfcdecae2016701da0f87292966a]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you ma), Ersetzt,[2b730c906e2c0432f09d1b7d54b0f010]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you ma), Ersetzt,[5c42f0ac44567db9b3da9bfdae56b848]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file w), Ersetzt,[e2bcc2da069487afeca162362ed606fa]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: ( this file.
 *
 * If you make changes to this file whil), Ersetzt,[67371587178343f3a6e702965fa5956b]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make ch), Ersetzt,[346a86161c7e4de91b72abed18ec6c94]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make changes ), Ersetzt,[38662973a5f566d08a03bbdd4db7738d]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[049ab1eb8e0cb77fe2ab1682a95b2ed2]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make c), Ersetzt,[108e38648d0dcc6a5b32900830d4ee12]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make changes to this file while the application ), Ersetzt,[574724787d1da591f895dcbc828240c0]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: ( you make changes to this file while the application is), Ersetzt,[920ce5b7e6b42b0b3b524058eb192ed2]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make c), Ersetzt,[4a5455473763e452f49944546c9843bd]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you mak), Ersetzt,[07971587425839fdcac3beda32d27a86]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you make changes to this fi), Ersetzt,[bfdf1f7d792150e6137a27719d67b34d]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (it this file.
 *
 * If you make changes to this file), Ersetzt,[049a029a8713ea4c8607d8c0ec1836ca]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the a), Ersetzt,[c4da920ad5c541f57e0f1d7b58ac28d8]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (unning,
 * the changes will be overwritten when the appl), Ersetzt,[76282f6dc6d45dd9fc91ecac6a9aa957]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make c), Ersetzt,[dfbf76260f8b2c0aaedf0692f311ed13]
PUP.Optional.Babylon, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to ), Ersetzt,[a3fb76268317cf678b024c4cb0540ef2]
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}");), Ersetzt,[237b6834a2f84de94a576f29768ee21e]
PUP.Optional.Conduit, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=");), Ersetzt,[9a040894b4e6da5c1193831535cf8977]
PUP.Optional.SnapDo, C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "hxxp://feed.snap.do), Ersetzt,[811dc9d3c9d186b080b78b1447bd8878]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Alexander (Administrator) on 23.10.2016 at 15:22:58,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 118 

Successfully deleted: C:\Users\Alexander\AppData\Local\{0412CB03-A439-47F0-B78C-FB6F470DA5C5} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{05B721B8-C20A-4072-B589-7A017F125735} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{0DF1662B-1457-4A2D-A54A-77B761504D05} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{13F1ABA9-272D-41FD-A61C-666B3FDBAB15} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{1AAEA15F-8CE4-4823-A08B-06E7B9558797} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{1D70133D-3E5D-413B-AFFA-02B605589830} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{1F345ECD-5570-4B54-9A45-ABB5899A3436} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{24013133-E992-419D-A932-46E0EA549C08} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{246644CC-B6FB-4F03-A365-D18545720CB9} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{265A3C6E-973C-42E6-BD7E-B2B3601C81C5} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{28AC366B-BB29-430D-8E3B-27317DAEBA19} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{2A7B4547-BD91-41B2-A7C6-6B2B9BF0FABB} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{2DEC34B3-206E-473C-A455-84E0F6BEE21F} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{3404A9B4-6AEB-4DA5-8E70-B0DBCEDA2E5E} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{3687AF50-11A1-40E9-8FED-F58D166743FA} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{3A93622A-6FBE-4A51-8BAE-6A066BE07A80} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{433B2D53-8BA9-423E-B18D-A340DED38B7C} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{51C35F11-8A6F-4ACF-93D3-AB27073567AE} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{5516E049-25BE-48BA-BB88-08509DC88D7E} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{5E6829CF-98DA-4F22-A26F-7C841B6311FA} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{5EC58A98-15C6-4103-AAB6-67FF8A92645E} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{60C32E62-8FF8-44A6-ABFB-70D14EFAADC1} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{61541CA6-E7F7-479D-91C0-A1D012663531} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{64B7E35D-11C9-4842-8B78-4C69A08B09AB} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{652265D9-2593-4BE4-97F4-DBD2C462FC63} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{68CB2E7A-6B6E-4801-8D8F-9173A312494B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{73E1828B-BAEF-45A6-97BD-1DD3ED53B588} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{75A5222C-C3AB-4F65-9259-B81D7C71B24C} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{7A22A9AD-0972-4B6F-B9F9-56D158476DE3} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{7D809978-CFB1-4250-9F7B-3F3F76DA34E7} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{7EDA5691-C9D3-488B-95C3-E3F95B12EE44} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{810EC328-A899-4BAE-8D03-766DAA1CDCBB} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{835359CB-E717-43AC-ADEC-5DE160B8D2F0} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{861191E2-68F7-4381-A7A9-2F594243AA5F} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{90821CAF-8DB5-4870-A81D-0BD0B1E4AD6E} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{923C92DD-0A2B-4199-9040-D7C2DB90C5F7} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{96732E58-F389-4DB3-92B8-42D381DD817B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{988CD262-BDA6-45FF-9557-6E8CFADF1DFE} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{9C0CA195-D007-4BBE-84D3-6A867BF39E7C} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{9EEAEB63-7002-4DE8-8223-A843E40EF062} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{A2D5D59A-43BA-47CC-B081-E456960B9D64} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{A3129365-DE74-4133-A51C-137AF5FCAB41} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{A5C0F895-1133-405E-A357-6C40D13F7C9B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{A6A71AA0-EF72-4ED7-AC72-4785F4AAA812} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{AEF601B8-9324-4025-BC89-C1DA17359588} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{AF99C04C-9508-471C-8F97-7547E69DF7B2} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{B390009D-A6B9-44C4-96CB-F96627E588E4} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{B8C9043C-4BD5-48F9-B10D-BC83C5E78786} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{BFD3C679-EDDA-4D3E-876C-91E807A7E741} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{C079E50D-5810-46D5-A77E-329DDB657429} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{C80FB23B-F7AE-444F-96E1-CC0282FF5B1F} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{C8B97B92-4030-4A66-B1AD-EBE6010B09FB} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{C93DFECD-CB40-4A10-854A-86574C444DAD} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{C9F43EA7-EA1C-414E-904A-0AFCEBD019BC} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{CBF36783-11F1-4A74-B75C-FF27CA452842} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{CC32D6FA-AE65-4975-ADBA-AD4613752F09} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{D224CB21-6AEC-4CC2-B718-36DB494DE81B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{D47A989A-CFDC-4D74-A13A-02C34F9441A3} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{D4D547BF-5703-44CA-845C-F1D79714F268} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{E128550A-2F6B-42C2-9757-CF293402BAD0} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{E2FF7DD5-4205-46E0-B7C7-A04034AAFF0B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{E49A6BD6-567B-4056-82C5-F05A18AE43D4} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{E52056D3-4414-458E-920C-93D02098D5F6} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{EBA6EB4B-17C5-4477-A2FE-D8E6A64C7E3E} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{EC3B9F00-A7D4-4D99-8A3C-4F9883B9B00F} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{EEFA45BA-4CB2-4203-AAB0-C74A203150B3} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{F22E4604-9290-46FD-9F76-86D8E6E811CE} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{F9AC50B0-6E8D-475A-84C8-F6A3F133653B} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\{FEE33CD6-38D8-49CE-B9A9-9BF9C2D086D3} (Empty Folder)
Successfully deleted: C:\Users\Alexander\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\143DLQML (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KJCT73I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TDQTF74 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\628YN44F (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VWMQDIV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B109GGHL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAQ2OWL3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CDF2644D (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1RBYP0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFMDZ0AL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJ0BG6X8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JWPWKJ51 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NW7A5HDD (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9EFZ8TZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEXHPA3I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFVP92PS (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHYQ9R53 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDR1FDN6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHDUFXA6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\143DLQML (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1KJCT73I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1TDQTF74 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\628YN44F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8VWMQDIV (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B109GGHL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BAQ2OWL3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CDF2644D (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E1RBYP0H (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EFMDZ0AL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJ0BG6X8 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JWPWKJ51 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NW7A5HDD (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q9EFZ8TZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UEXHPA3I (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UFVP92PS (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VHYQ9R53 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XDR1FDN6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHDUFXA6 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\SysWOW64\sho4E52.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoEE94.tmp (File) 

Deleted the following from C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\prefs.js
user_pref(CT2269050.1000082.isPlayDisplay, true);
user_pref(CT2269050.1000082.state, {\state\:\stopped\,\text\:\Hotmix 108\,\description\:\Hotmix 108\,\url\:\hxxp://67.202.67.18:8082\});
user_pref(CT2269050.1000234.TWC_TMP_city, STUTTGART);
user_pref(CT2269050.1000234.TWC_TMP_country, DE);
user_pref(CT2269050.ENABALE_HISTORY, {\dataType\:\string\,\data\:\true\});
user_pref(CT2269050.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE, {\dataType\:\string\,\data\:\true\});
user_pref(CT2269050.FirstTime, true);
user_pref(CT2269050.FirstTimeFF3, true);
user_pref(CT2269050.UserID, UN42056935406918416);
user_pref(CT2269050.addressBarTakeOverEnabledInHidden, true);
user_pref(CT2269050.autoDisableScopes, -1);
user_pref(CT2269050.browser.search.defaultthis.engineName, true);
user_pref(CT2269050.embeddedsData, [{\appId\:\128834881989343895\,\apiPermissions\:{\crossDomainAjax\:true,\getMainFrameTitle\:true,\getMainFrameUrl\:true,\get
user_pref(CT2269050.enableAlerts, always);
user_pref(CT2269050.firstTimeDialogOpened, true);
user_pref(CT2269050.fixPageNotFoundErrorInHidden, true);
user_pref(CT2269050.isEnableAllDialogs, {\dataType\:\string\,\data\:\true\});
user_pref(CT2269050.isNewTabEnabled, true);
user_pref(CT2269050.isPerformedSmartBarTransition, true);
user_pref(CT2269050.isToolbarShrinked, {\dataType\:\string\,\data\:\false\});
user_pref(CT2269050.keyword, true);
user_pref(CT2269050.navigationAliasesJson, {\EB_MAIN_FRAME_URL\:\about%3Aaddons\,\EB_MAIN_FRAME_TITLE\:\\,\EB_SEARCH_TERM\:\\,\EB_TOOLBAR_SUB_DOMAIN\:\hxxp:/
user_pref(CT2269050.openThankYouPage, FALSE);
user_pref(CT2269050.openUninstallPage, FALSE);
user_pref(CT2269050.search.searchAppId, 128834881989343895);
user_pref(CT2269050.search.searchCount, 0);
user_pref(CT2269050.searchInNewTabEnabledInHidden, true);
user_pref(CT2269050.selectToSearchBoxEnabled, {\dataType\:\string\,\data\:\true\});
user_pref(CT2269050.serviceLayer_service_login_isFirstLoginInvoked, {\dataType\:\boolean\,\data\:\true\});
user_pref(CT2269050.serviceLayer_service_login_loginCount, {\dataType\:\number\,\data\:\4\});
user_pref(CT2269050.serviceLayer_service_toolbarGrouping_activeCTID, {\dataType\:\string\,\data\:\CT2269050\});
user_pref(CT2269050.serviceLayer_service_toolbarGrouping_activeDownloadUrl, {\dataType\:\string\,\data\:\hxxp://DVDVideoSoftTB.OurToolbar.com//xpi\});
user_pref(CT2269050.serviceLayer_service_toolbarGrouping_activeToolbarName, {\dataType\:\string\,\data\:\DVDVideoSoftTB\});
user_pref(CT2269050.serviceLayer_service_toolbarGrouping_invoked, {\dataType\:\string\,\data\:\true\});
user_pref(CT2269050.serviceLayer_service_usage_toolbarUsageCount, {\dataType\:\number\,\data\:\2\});
user_pref(CT2269050.serviceLayer_services_appTrackingFirstTime_lastUpdate, 1339833973098);
user_pref(CT2269050.serviceLayer_services_appTracking_lastUpdate, 1339833974551);
user_pref(CT2269050.serviceLayer_services_appsMetadata_lastUpdate, 1339833972990);
user_pref(CT2269050.serviceLayer_services_gottenAppsContextMenu_lastUpdate, 1339833973827);
user_pref(CT2269050.serviceLayer_services_login_10.10.2.10_lastUpdate, 1339833974395);
user_pref(CT2269050.serviceLayer_services_optimizer_lastUpdate, 1339833973072);
user_pref(CT2269050.serviceLayer_services_otherAppsContextMenu_lastUpdate, 1339833973811);
user_pref(CT2269050.serviceLayer_services_searchAPI_lastUpdate, 1339833972731);
user_pref(CT2269050.serviceLayer_services_serviceMap_lastUpdate, 1339833972321);
user_pref(CT2269050.serviceLayer_services_toolbarContextMenu_lastUpdate, 1339833973785);
user_pref(CT2269050.serviceLayer_services_toolbarSettings_lastUpdate, 1339833972589);
user_pref(CT2269050.serviceLayer_services_translation_lastUpdate, 1339833973726);
user_pref(CT2269050.settingsINI, true);
user_pref(CT2269050.shouldFirstTimeDialog, FALSE);
user_pref(CT2269050.smartbar.CTID, CT2269050);
user_pref(CT2269050.smartbar.Uninstall, 0);
user_pref(CT2269050.smartbar.homepage, true);
user_pref(CT2269050.smartbar.toolbarName, DVDVideoSoftTB );
user_pref(CT2269050.toolbarBornServerTime, 16-6-2012);
user_pref(CT2269050.toolbarCurrentServerTime, 16-6-2012);
user_pref(Smartbar.ConduitHomepagesList, hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13);
user_pref(Smartbar.ConduitSearchEngineList, DVDVideoSoftTB Customized Web Search);
user_pref(Smartbar.ConduitSearchUrlList, hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=2&q=);
user_pref(Smartbar.SearchFromAddressBarSavedUrl, hxxp://mystart.incredibar.com/mb106/?loc=IB_DS&a=6PQuaZyxg6&&i=26&search=);
user_pref(Smartbar.keywordURLSelectedCTID, CT2269050);
user_pref(browser.search.defaultengine, Ask.com);
user_pref(browser.search.defaultenginename, Search the web (Babylon));
user_pref(browser.search.defaultthis.engineName, DVDVideoSoftTB Customized Web Search);
user_pref(browser.search.order.1, Search the web (Babylon));
user_pref(extensions.BabylonToolbar.aflt, babsst);
user_pref(extensions.BabylonToolbar.dfltLng, en);
user_pref(extensions.BabylonToolbar.excTlbr, false);
user_pref(extensions.BabylonToolbar.id, b08305a70000000000003860775e8b90);
user_pref(extensions.BabylonToolbar.instlDay, 15569);
user_pref(extensions.BabylonToolbar.instlRef, sst);
user_pref(extensions.BabylonToolbar.prdct, BabylonToolbar);
user_pref(extensions.BabylonToolbar.prtnrId, babylon);
user_pref(extensions.BabylonToolbar.tlbrId, tb9);
user_pref(extensions.BabylonToolbar.tlbrSrchUrl, hxxp://www.google.com/search?babsrc=TB_ggl&q=);
user_pref(extensions.BabylonToolbar.vrsn, 1.6.4.6);
user_pref(extensions.BabylonToolbar.vrsni, 1.6.4.6);
user_pref(extensions.BabylonToolbar_i.babExt, );
user_pref(extensions.BabylonToolbar_i.babTrack, affID=113480&tt=3312_2);
user_pref(extensions.BabylonToolbar_i.newTab, true);
user_pref(extensions.BabylonToolbar_i.newTabUrl, hxxp://search.babylon.com/?affID=113480&tt=3312_2&babsrc=NT_ss&mntrId=b08305a70000000000003860775e8b90);
user_pref(extensions.BabylonToolbar_i.smplGrp, none);
user_pref(extensions.BabylonToolbar_i.srcExt, ss);
user_pref(extensions.BabylonToolbar_i.vrsnTs, 1.6.4.619:14:34);
user_pref(extensions.asktb.ff-original-keyword-url, );
user_pref(browser.startup.homepage, hxxps://www.malwarebytes.org/restorebrowser//?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab21
user_pref(browser.search.selectedEngine, Web Search);
user_pref(keyword.URL, hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=30594faf-35f8-4df7-8fc1-a4ab2190240a&searchtype=ds&q=);



Registry: 4 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\Default_Search_URL (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.10.2016 at 15:24:49,34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

crtys · 23.10.2016, 14:27

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
durchgeführt von Alexander (Administrator) auf ALEXANDER-PC (23-10-2016 15:26:12)
Gestartet von C:\Users\Alexander\Desktop
Geladene Profile: Alexander &  (Verfügbare Profile: Alexander)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel) C:\Program Files (x86)\Common Files\Intel\Schedule2\schedul2.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) D:\Programme (x99)\x64\hamachi-2.exe
(LogMeIn, Inc.) D:\Programme (x99)\x64\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Intel Scheduler2 Service] => C:\Program Files (x86)\Common Files\Intel\Schedule2\schedhlp.exe [362792 2010-11-19] (Intel)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2800296 2014-11-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-18] (Egis Technology Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [38872 2012-07-31] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136 2011-01-19] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Blackwidow Driver] => C:\Program Files (x86)\Razer\BlackWidow\BlackwidowTray.exe [887696 2011-05-16] (Razer USA Ltd)
HKLM-x32\...\Run: [DataMigrationSoftwareMonitor.exe] => C:\Program Files (x86)\Intel\DataMigrationSoftware\DataMigrationSoftwareMonitor.exe [2639552 2010-11-19] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917584 2016-10-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [[REGKEY]] => "C:\Users\Alexander\AppData\Roaming\[FILENAME].exe"
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [] => C:\ [0 ] ()
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [231424 2012-04-05] ()
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [Steam] => D:\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [Spotify Web Helper] => C:\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1483888 2016-10-23] (Spotify Ltd)
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\MountPoints2: {3388a92b-a354-11e1-b837-3860775e8b90} - E:\Intuix_Launcher.exe
HKU\S-1-5-21-3003065676-2518410820-2162268670-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [154144 2010-07-29] ()
HKU\S-1-5-21-3003065676-2518410820-2162268670-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [456224 2010-07-29] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
SSODL-x32: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - C:\Program Files (x86)\Stardock\Object Desktop\IconPackager\iprepair.dll (Stardock.net, Inc)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX64.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Alexander\AppData\Local\MEGAsync\ShellExtX32.dll Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{082B2073-A999-47A3-B4E7-3CFFCEDBB46F}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{599FAC72-ABD7-4441-89AA-D3E8ED2487E5}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-04-06] (Oracle Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll => Keine Datei
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25] (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default [2016-10-23]
FF Extension: (Kein Name) - C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\Profiles\oxdi5dia.default\extensions\ich@maltegoetz.de [nicht gefunden]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @java.com/DTPlugin,version=10.2.1 -> C:\Windows\system32\npDeployJava1.dll [2012-04-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-04-06] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2013-11-21] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-09-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-07-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @talk.google.com/O1DPlugin -> C:\Users\Alexander\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3003065676-2518410820-2162268670-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Alexander\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Alexander\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default [2016-10-23]
CHR Extension: (Google Präsentationen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-23]
CHR Extension: (Google Docs) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-23]
CHR Extension: (Google Drive) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-23]
CHR Extension: (YouTube) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-23]
CHR Extension: (Google Tabellen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-23]
CHR Extension: (Avira Browserschutz) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-10-23]
CHR Extension: (Google Docs Offline) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-23]
CHR Extension: (Google Mail) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-23]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx <nicht gefunden>
StartMenuInternet: Google Chrome.653N5RDONOFFB7P4LY2BNY2ID4 - C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1086040 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-05] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-01] ()
S3 celavimushost; D:\CSGO Client Beta\CelavimusClientHelper.exe [124120 2015-08-14] (altPUG LLC)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 Hamachi2Svc; D:\Programme (x99)\x64\hamachi-2.exe [2621448 2016-09-13] (LogMeIn Inc.)
R2 IntSch2Svc; C:\Program Files (x86)\Common Files\Intel\Schedule2\schedul2.exe [1165200 2010-11-19] (Intel)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme (x99)\Origin\OriginClientService.exe [2130440 2016-09-11] (Electronic Arts)
S2 Origin Web Helper Service; D:\Programme (x99)\Origin\OriginWebHelperService.exe [2195984 2016-09-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-20] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 AntiVirWebService; "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [X]
S2 NOBU; "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-16] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESEADriver2; C:\Users\Alexander\AppData\Local\Temp\ESEADriver2.sys [316768 2016-01-12] ()
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [25528 2012-01-24] (Turtle Entertainment GmbH)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2amd64.sys [62168 2010-09-29] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMamd64.sys [377176 2010-09-29] (Logitech)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [154624 2011-05-12] (Razer USA Ltd)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [34944 2011-09-16] (SteelSeries Corporation)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 WPS; \??\C:\Windows\system32\drivers\wpsdrvnt.sys [X]
S3 WpsHelper; \??\C:\Windows\system32\drivers\WpsHelper.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-23 15:26 - 2016-10-23 15:26 - 00024984 _____ C:\Users\Alexander\Desktop\FRST.txt
2016-10-23 15:24 - 2016-10-23 15:24 - 00023145 _____ C:\Users\Alexander\Desktop\JRT.txt
2016-10-23 15:21 - 2016-10-23 15:21 - 00037033 _____ C:\Users\Alexander\Desktop\mbam.txt.txt
2016-10-23 13:08 - 2016-10-23 15:20 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-10-23 13:02 - 2016-10-23 13:02 - 00000000 _____ C:\Users\Alexander\Desktop\clean.txt
2016-10-23 12:59 - 2016-10-23 12:59 - 01631928 _____ (Malwarebytes) C:\Users\Alexander\Desktop\JRT.exe
2016-10-23 12:58 - 2016-10-23 13:33 - 00001104 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-10-23 12:58 - 2016-10-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-10-23 12:58 - 2016-10-23 12:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-10-23 12:58 - 2016-10-23 12:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-10-23 12:58 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-10-23 12:58 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-10-23 12:58 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-10-23 12:57 - 2016-10-23 12:58 - 22851472 _____ (Malwarebytes ) C:\Users\Alexander\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-23 12:54 - 2016-10-23 13:05 - 00000000 ____D C:\Users\Alexander\Desktop\AdwCleaner
2016-10-23 12:53 - 2016-10-23 12:53 - 03910208 _____ C:\Users\Alexander\Desktop\AdwCleaner_6.030.exe
2016-10-20 17:07 - 2016-10-20 17:07 - 00006033 _____ C:\Users\Alexander\Downloads\Addition.zip
2016-10-20 16:34 - 2016-10-20 16:36 - 00222056 _____ C:\TDSSKiller.3.1.0.11_20.10.2016_16.34.39_log.txt
2016-10-20 16:34 - 2016-10-20 16:34 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alexander\Downloads\tdsskiller.exe
2016-10-20 16:30 - 2016-10-20 16:31 - 00095587 _____ C:\Users\Alexander\Downloads\Addition.txt
2016-10-20 16:30 - 2016-10-20 16:31 - 00088238 _____ C:\Users\Alexander\Downloads\FRST.txt
2016-10-20 16:29 - 2016-10-23 15:26 - 00000000 ____D C:\FRST
2016-10-20 16:29 - 2016-10-20 16:29 - 02407424 _____ (Farbar) C:\Users\Alexander\Desktop\FRST64.exe
2016-10-20 13:28 - 2016-10-23 13:33 - 00000588 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2016-10-20 13:28 - 2016-10-20 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-10-20 13:27 - 2016-10-20 13:27 - 01474568 _____ C:\Users\Alexander\Downloads\Revo Uninstaller - CHIP-Installer.exe
2016-10-12 13:00 - 2016-09-30 22:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-12 13:00 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-12 13:00 - 2016-09-30 17:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-12 13:00 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-12 13:00 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-12 13:00 - 2016-09-30 09:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-12 13:00 - 2016-09-30 08:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-12 13:00 - 2016-09-30 08:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 13:00 - 2016-09-30 08:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-12 13:00 - 2016-09-30 08:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-12 13:00 - 2016-09-30 08:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-12 13:00 - 2016-09-30 08:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-12 13:00 - 2016-09-30 08:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-12 13:00 - 2016-09-30 08:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-12 13:00 - 2016-09-30 08:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-12 13:00 - 2016-09-30 08:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-12 13:00 - 2016-09-30 08:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-12 13:00 - 2016-09-30 08:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-12 13:00 - 2016-09-30 08:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-12 13:00 - 2016-09-30 08:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 13:00 - 2016-09-30 08:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-12 13:00 - 2016-09-30 07:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 13:00 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-12 13:00 - 2016-09-30 07:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-12 13:00 - 2016-09-30 07:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-12 13:00 - 2016-09-30 07:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-12 13:00 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-12 13:00 - 2016-09-30 07:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-12 13:00 - 2016-09-30 07:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-12 13:00 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-12 13:00 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-12 13:00 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-12 13:00 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-12 13:00 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-12 13:00 - 2016-09-30 07:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-12 13:00 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-12 13:00 - 2016-09-30 07:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-12 13:00 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-12 13:00 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-12 13:00 - 2016-09-30 07:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-12 13:00 - 2016-09-30 07:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-12 13:00 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-12 13:00 - 2016-09-30 07:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-12 13:00 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-12 13:00 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-12 13:00 - 2016-09-30 07:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-12 13:00 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-12 13:00 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-12 13:00 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-12 13:00 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-12 13:00 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-12 13:00 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-12 13:00 - 2016-09-30 07:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-12 13:00 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-12 13:00 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-12 13:00 - 2016-09-30 06:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-12 13:00 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-12 13:00 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-12 13:00 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-12 13:00 - 2016-09-15 17:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-12 13:00 - 2016-09-15 17:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-12 13:00 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-10-12 13:00 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-10-12 13:00 - 2016-09-12 23:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-12 13:00 - 2016-09-12 23:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-12 13:00 - 2016-09-12 23:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-12 13:00 - 2016-09-12 23:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-12 13:00 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-12 13:00 - 2016-09-12 22:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-12 13:00 - 2016-09-12 22:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-12 13:00 - 2016-09-12 22:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-12 13:00 - 2016-09-12 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-12 13:00 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-12 13:00 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-12 13:00 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-10-12 13:00 - 2016-09-12 20:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-12 13:00 - 2016-09-12 20:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-12 13:00 - 2016-09-10 18:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-12 13:00 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-10-12 13:00 - 2016-09-09 20:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-12 13:00 - 2016-09-09 20:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-12 13:00 - 2016-09-09 20:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 20:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-12 13:00 - 2016-09-09 20:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 13:00 - 2016-09-09 19:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-12 13:00 - 2016-09-09 19:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 13:00 - 2016-09-09 19:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-12 13:00 - 2016-09-09 19:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-12 13:00 - 2016-09-09 19:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-12 13:00 - 2016-09-09 19:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-12 13:00 - 2016-09-09 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-12 13:00 - 2016-09-09 19:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:00 - 2016-09-09 19:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-12 13:00 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-10-12 13:00 - 2016-09-08 16:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-12 13:00 - 2016-09-08 16:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-12 13:00 - 2016-08-12 19:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-12 13:00 - 2016-08-12 19:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-12 13:00 - 2016-08-12 19:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-12 13:00 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-12 13:00 - 2016-08-12 19:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-12 13:00 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-10-12 13:00 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-10-12 13:00 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-10-12 13:00 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-10-12 13:00 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-10-12 13:00 - 2016-08-12 18:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-12 13:00 - 2016-08-06 17:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-10-12 13:00 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-10-12 13:00 - 2016-08-06 17:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 13:00 - 2016-08-06 17:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-10-12 13:00 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-10-12 13:00 - 2016-06-14 19:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-12 13:00 - 2016-06-14 19:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-12 13:00 - 2016-06-14 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-12 13:00 - 2016-06-14 19:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-12 13:00 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-10-12 13:00 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-10-12 13:00 - 2016-06-14 17:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-12 13:00 - 2016-06-14 17:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-12 13:00 - 2016-06-14 17:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-12 13:00 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-10-12 13:00 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-10-12 13:00 - 2016-06-14 17:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-12 13:00 - 2016-06-14 17:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-12 12:59 - 2016-09-12 23:17 - 00077032 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-12 12:59 - 2016-09-12 23:08 - 01226752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 01629184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-12 12:59 - 2016-09-09 17:54 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 14183424 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-12 12:59 - 2016-08-29 17:31 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-10-12 12:59 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-10-12 12:59 - 2016-08-29 17:04 - 03229696 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-12 12:59 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-10-12 12:59 - 2016-08-16 22:40 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-12 12:59 - 2016-08-16 22:40 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-12 12:59 - 2016-07-22 16:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-12 12:59 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-10-10 22:57 - 2016-10-23 13:33 - 00000590 _____ C:\Users\Public\Desktop\Mz RAM Booster.lnk
2016-10-10 22:57 - 2016-10-10 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mz Ultimate Tools
2016-10-10 22:56 - 2016-10-10 22:56 - 01474568 _____ C:\Users\Alexander\Downloads\Mz RAM Booster - CHIP-Installer.exe
2016-10-10 22:24 - 2016-10-10 22:25 - 00000000 ____D C:\Users\Alexander\Desktop\Fix it
2016-10-10 22:23 - 2016-10-10 22:24 - 15549025 _____ C:\Users\Alexander\Downloads\Microsoft_Fix-it-Paket.zip
2016-10-10 22:19 - 2016-10-10 22:19 - 00000025 _____ C:\Users\Alexander\Desktop\skript.vbs
2016-10-10 19:28 - 2016-10-10 19:28 - 00000000 ____D C:\Windows\Symbols
2016-10-10 19:06 - 2016-10-10 19:06 - 00000000 ____D C:\Crash
2016-10-10 19:02 - 2016-10-10 19:05 - 00000000 ____D C:\Users\Alexander\AppData\LocalLow\Daybreak Game Company
2016-10-10 19:02 - 2016-10-10 19:02 - 00000000 ____D C:\Users\Alexander\AppData\Local\SCE
2016-10-10 19:02 - 2016-10-10 19:02 - 00000000 ____D C:\Users\Alexander\AppData\Local\Daybreak Game Company
2016-10-10 15:57 - 2016-10-10 15:57 - 00000202 _____ C:\Users\Alexander\Desktop\H1Z1 King of the Kill.url
2016-10-10 07:56 - 2016-10-10 07:56 - 00000000 ____D C:\Users\Alexander\Documents\mods
2016-10-10 07:55 - 2016-10-10 07:55 - 00000000 ____D C:\Users\Alexander\Documents\ArmA 2 Other Profiles
2016-10-10 07:55 - 2016-10-10 07:55 - 00000000 ____D C:\Users\Alexander\Documents\ArmA 2
2016-10-10 07:54 - 2016-10-10 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DZLauncher
2016-10-10 07:53 - 2016-10-10 07:54 - 13927528 _____ (Maca134 ) C:\Users\Alexander\Downloads\setup_dzlauncher.exe
2016-10-10 05:34 - 2016-10-10 05:34 - 02932736 _____ C:\Users\Alexander\Downloads\Dotjosh.DayZCommander.Installer.msi
2016-10-09 15:14 - 2016-10-09 15:14 - 00000000 ____D C:\Users\Alexander\Desktop\runtime
2016-10-09 15:12 - 2016-10-23 01:15 - 00001093 _____ C:\Users\Alexander\Desktop\nativelog.txt
2016-10-09 15:12 - 2016-10-09 15:15 - 00000000 ____D C:\Users\Alexander\Desktop\game
2016-10-05 13:42 - 2016-10-23 13:34 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk
2016-10-05 13:42 - 2016-10-23 13:33 - 00002124 _____ C:\Users\Alexander\Desktop\Knuddels.lnk
2016-10-05 13:42 - 2016-10-05 13:42 - 00031720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-10-05 13:40 - 2016-10-06 11:24 - 00000000 ____D C:\Users\Alexander\Knuddels-Stapp
2016-10-05 13:40 - 2016-10-05 13:40 - 01994832 _____ C:\Users\Alexander\Downloads\KnuddelsSetup.WI4AY3V.exe
2016-09-24 16:35 - 2016-09-24 16:37 - 65436582 _____ C:\Users\Alexander\Downloads\61e1cd4c-bedd-4b6e-9bcb-676a090232d6.dem.gz

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-10-23 15:04 - 2012-08-23 16:17 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA.job
2016-10-23 14:55 - 2012-10-29 13:22 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 14:46 - 2012-03-31 12:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-23 13:34 - 2016-02-20 01:04 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-10-23 13:34 - 2015-06-03 19:13 - 00002160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2016-10-23 13:34 - 2012-08-17 19:19 - 00000854 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
2016-10-23 13:34 - 2012-08-17 19:19 - 00000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
2016-10-23 13:34 - 2012-08-17 19:19 - 00000799 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
2016-10-23 13:34 - 2012-04-29 20:46 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-10-23 13:34 - 2012-04-10 21:52 - 00001001 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-10-23 13:34 - 2012-03-17 01:05 - 00001150 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-10-23 13:34 - 2012-01-29 08:29 - 00001309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
2016-10-23 13:34 - 2011-12-24 20:31 - 00001959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk
2016-10-23 13:34 - 2011-09-23 14:15 - 00002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-10-23 13:34 - 2011-09-23 14:04 - 00001378 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2016-10-23 13:34 - 2011-09-23 14:00 - 00001494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-10-23 13:34 - 2011-03-16 15:48 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
2016-10-23 13:34 - 2011-03-16 14:58 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-10-23 13:34 - 2011-03-16 14:58 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-10-23 13:34 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-10-23 13:34 - 2009-07-14 06:57 - 00001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2016-10-23 13:34 - 2009-07-14 06:57 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2016-10-23 13:34 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2016-10-23 13:34 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2016-10-23 13:33 - 2016-09-17 14:00 - 00001136 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-10-23 13:33 - 2016-02-20 00:04 - 00000557 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2016-10-23 13:33 - 2015-09-07 11:57 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk
2016-10-23 13:33 - 2015-07-06 21:35 - 00000939 _____ C:\Users\Public\Desktop\FRITZ!Powerline.lnk
2016-10-23 13:33 - 2015-03-26 13:14 - 00001560 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-10-23 13:33 - 2015-03-26 00:45 - 00000906 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-10-23 13:33 - 2015-03-10 20:15 - 00000712 _____ C:\Users\Alexander\Desktop\ESEA Client.lnk
2016-10-23 13:33 - 2014-09-16 20:55 - 00002125 _____ C:\Users\Alexander\Desktop\Skype.lnk
2016-10-23 13:33 - 2012-08-30 23:28 - 00001833 _____ C:\Users\Alexander\Desktop\Spotify.lnk
2016-10-23 13:33 - 2012-08-30 23:28 - 00001819 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-10-23 13:33 - 2012-08-29 13:52 - 00002396 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-23 13:33 - 2012-07-06 13:31 - 00001134 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play IW4M (Modern Warfare 2).lnk
2016-10-23 13:33 - 2012-04-26 11:10 - 00000542 _____ C:\Users\Public\Desktop\Steam.lnk
2016-10-23 13:33 - 2012-02-21 14:42 - 00000355 _____ C:\Users\Alexander\Desktop\Computer.lnk
2016-10-23 13:33 - 2012-01-08 14:36 - 00001429 _____ C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-10-23 13:33 - 2009-07-14 07:01 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2016-10-23 13:33 - 2009-07-14 06:49 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2016-10-23 13:33 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 13:33 - 2009-07-14 06:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 13:31 - 2011-09-21 08:15 - 00702980 _____ C:\Windows\system32\perfh007.dat
2016-10-23 13:31 - 2011-09-21 08:15 - 00150620 _____ C:\Windows\system32\perfc007.dat
2016-10-23 13:31 - 2009-07-14 07:13 - 01629508 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-23 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-23 13:25 - 2012-05-16 17:34 - 00000000 ____D C:\Users\Alexander\AppData\Local\LogMeIn Hamachi
2016-10-23 13:24 - 2013-10-03 16:09 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-23 13:24 - 2012-10-29 13:22 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 13:24 - 2012-01-29 08:31 - 00000000 ____D C:\Windows\ro
2016-10-23 13:24 - 2011-12-24 23:27 - 00000000 ____D C:\ProgramData\clear.fi
2016-10-23 13:24 - 2011-09-23 13:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-23 13:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 13:23 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-10-23 13:02 - 2012-08-30 23:28 - 00000000 ____D C:\Users\Alexander\AppData\Local\Spotify
2016-10-23 12:57 - 2012-08-30 23:27 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Spotify
2016-10-22 23:48 - 2011-12-25 01:53 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\TS3Client
2016-10-22 23:04 - 2012-08-23 16:17 - 00001084 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core.job
2016-10-12 22:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-10-12 20:04 - 2011-12-29 15:49 - 00000000 ____D C:\Users\Alexander\AppData\Local\ElevatedDiagnostics
2016-10-12 17:34 - 2016-08-18 13:20 - 00000000 ____D C:\Windows\rescache
2016-10-12 16:56 - 2009-07-14 06:45 - 04994848 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 16:55 - 2014-12-12 14:33 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 16:55 - 2014-05-06 22:09 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-10-12 16:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2016-10-12 14:43 - 2013-08-14 15:45 - 00000000 ____D C:\Windows\system32\MRT
2016-10-12 14:37 - 2013-03-13 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-12 14:37 - 2012-01-07 10:58 - 143495576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-12 14:36 - 2013-03-13 18:21 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-12 14:36 - 2013-03-13 18:21 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-10-11 22:46 - 2012-03-31 12:12 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 22:46 - 2012-03-31 12:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 22:46 - 2012-01-03 01:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 22:46 - 2012-01-03 01:31 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 22:46 - 2011-03-16 15:49 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-10 22:26 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-10-10 21:40 - 2012-10-06 13:02 - 00000000 ____D C:\ProgramData\Origin
2016-10-10 21:40 - 2011-12-24 20:40 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Skype
2016-10-10 19:02 - 2013-11-06 17:01 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-05 13:42 - 2013-08-05 22:29 - 00177432 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-10-05 13:42 - 2013-08-05 22:29 - 00145536 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-10-05 13:42 - 2013-08-05 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-10-05 13:40 - 2011-12-24 20:31 - 00000000 ____D C:\Users\Alexander
2016-09-24 11:05 - 2012-10-06 13:04 - 00000000 ____D C:\Users\Alexander\AppData\Roaming\Origin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-02-19 14:09 - 2012-07-03 16:41 - 0168864 _____ () C:\Program Files\Common Files\WireHelpSvc.exe
2012-02-22 21:10 - 2012-02-22 21:10 - 0003584 _____ () C:\Users\Alexander\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-09-23 14:07 - 2011-09-23 14:09 - 0014802 _____ () C:\ProgramData\ArcadeDeluxe5.log
2011-03-16 15:08 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe

Einige Dateien in TEMP:
====================
C:\Users\Alexander\AppData\Local\Temp\4c0dbd791b8647ba9e70b8dd39a82ff4Delay.exe
C:\Users\Alexander\AppData\Local\Temp\833bb724e3044ac386c2df6bfa6c00b1Delay.exe
C:\Users\Alexander\AppData\Local\Temp\AskSLib.dll
C:\Users\Alexander\AppData\Local\Temp\avgnt.exe
C:\Users\Alexander\AppData\Local\Temp\CheatEngine62Clean.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.0.7335-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.1.7342-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.12.1.7351-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.13.0.7366-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.13.0.7376-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.0.7387-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.1.7394-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.14.2.7403-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.0.7430-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.1.7442-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.2.7446-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.3.7454-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.15.4.7479-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7619-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7631-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.16.0.7636-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.0.7639-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.1.7657-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.2.7687-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.7769-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.7977-x64.exe
C:\Users\Alexander\AppData\Local\Temp\EslWireSetup-1.17.3.8001-x64.exe
C:\Users\Alexander\AppData\Local\Temp\ffunzip.exe
C:\Users\Alexander\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-106548609565982174.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-2429374730397241312.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-3343832147921101711.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-4549616038957866713.dll
C:\Users\Alexander\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Alexander\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u3-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u6-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Alexander\AppData\Local\Temp\libeay32.dll
C:\Users\Alexander\AppData\Local\Temp\libyuv.dll
C:\Users\Alexander\AppData\Local\Temp\msvcr120.dll
C:\Users\Alexander\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Alexander\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Alexander\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Alexander\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Alexander\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Alexander\AppData\Local\Temp\nvStInst.exe
C:\Users\Alexander\AppData\Local\Temp\opus.dll
C:\Users\Alexander\AppData\Local\Temp\opusJNI.dll
C:\Users\Alexander\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alexander\AppData\Local\Temp\somoto-master.exe
C:\Users\Alexander\AppData\Local\Temp\sonarinst.exe
C:\Users\Alexander\AppData\Local\Temp\sqlite3.dll
C:\Users\Alexander\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Alexander\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Alexander\AppData\Local\Temp\tmp_minecraft.exe
C:\Users\Alexander\AppData\Local\Temp\vpx.dll
C:\Users\Alexander\AppData\Local\Temp\vpxJNI.dll
C:\Users\Alexander\AppData\Local\Temp\x2blapi.dll
C:\Users\Alexander\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-15 00:48

==================== Ende von FRST.txt ============================

--- --- ---

crtys · 23.10.2016, 14:28

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von Alexander (23-10-2016 15:26:37)
Gestartet von C:\Users\Alexander\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-24 18:31:11)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3003065676-2518410820-2162268670-500 - Administrator - Disabled)
Alexander (S-1-5-21-3003065676-2518410820-2162268670-1000 - Administrator - Enabled) => C:\Users\Alexander
Gast (S-1-5-21-3003065676-2518410820-2162268670-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1912 Titanic Mystery (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117897550}) (Version:  - Oberon Media)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{C97623E2-0614-4845-B199-8E8BEC8E131C}_is1) (Version: 6.1.0.40497 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0825.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 23 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.22.54 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
CheatEngine DB Toolbar Toolbar (HKLM-x32\...\CheatEngine DB Toolbar Toolbar) (Version:  - )
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1720.15 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.1720.15 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.7713 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3009 - Acer Incorporated)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX del Windows Live Mesh per a connexions remotes (HKLM-x32\...\{76C064E2-BB99-4453-8FDA-42BC01AD0734}) (Version: 15.4.5722.2 - Microsoft Corporation)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (HKLM-x32\...\{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Craften Terminal 4.2.1 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2.1 - Craften.de)
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
DZLauncher version 0.1.4.2 (HKLM-x32\...\{1E299AE2-74C8-4CD8-6B17-A86E0ED3C4D2}_is1) (Version: 0.1.4.2 - Maca134)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ESEA Client (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Farm Frenzy 3 Ice Age (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118399487}) (Version:  - Oberon Media)
Flip Words (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110109903}) (Version:  - Oberon Media)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free M4a to MP3 Converter 7.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
IconPackager (HKLM-x32\...\IconPackager) (Version:  - Stardock Corporation)
IconPackager (x32 Version: 5.00 - Stardock Corporation) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Data Migration Software powered by Acronis (HKLM-x32\...\{BFFC2681-5F7C-45BC-981A-277A29332678}) (Version: 13.0.14134 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.90 - Oracle)
Java(TM) 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Java(TM) SE Development Kit 7 Update 2 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170020}) (Version: 1.7.0.20 - Oracle)
JavaFX 2.0.2 SDK (HKLM-x32\...\{2222706F-666A-4037-7777-202328764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.3 (HKLM-x32\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 8.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.1.0 - )
Knuddels Standalone App (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Knuddels App ) (Version: "2015.12.6.0" - "Knuddels App")
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.519 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.519 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Laguna (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM-x32\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 14.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 14.0.1 (x86 de)) (Version: 14.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 14.0.1 - Mozilla)
MSConfig CleanUp 1.2 (HKLM-x32\...\MSConfig CleanUp_is1) (Version:  - Virtuoza)
MSI Afterburner 2.2.0 (HKLM-x32\...\Afterburner) (Version: 2.2.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
Mz RAM Booster (HKLM\...\MzRAMBooster_is1) (Version: 4.1.0 - Mz RAM Booster)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
newsXpresso (HKLM-x32\...\InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}) (Version: 1.0.0.40 - esobi Inc.)
newsXpresso (x32 Version: 1.0.0.40 - esobi Inc.) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.12.2.60376 - Electronic Arts, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Play withSIX (HKLM-x32\...\{42DCB650-F003-4535-A5CD-32AD815CD2DD}) (Version: 1.20.0344 - SIX Networks)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Razer BlackWidow (HKLM-x32\...\{53744FB0-7D1E-4572-B544-C230E6D23E2C}) (Version: 1.04.04 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.36.1224.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.1 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.1 - VS Revo Group, Ltd.)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Spotify) (Version: 1.0.39.157.g674ae377 - Spotify AB)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Sprill and Ritchie (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-117932650}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.2.927.31327 - SteelSeries)
Stellar Phoenix Windows Data Recovery-Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery-Home_is1) (Version: 4.2.0.0 - Stellar Information Systems Ltd)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer)
Theme Resource Changer X64 v1.0 (HKLM\...\Theme Resource Changer X64 v1.0) (Version:  - Bad Ass Apps)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Universal AntiCheat 3 v1.072 R3 (HKLM-x32\...\{99BEB67F-B288-44F5-8B2A-23F5A52FA1AE}_is1) (Version:  - DExUS)
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (HKLM-x32\...\{7BA6DF02-B094-45D7-A3C9-BE3684253922}) (Version: 15.4.5722.2 - Microsoft Corporation)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VpnOneClick (HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\31dfee6c296bca85) (Version: 1.3.6.24 - VpnOneClick)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
yEd Graph Editor 3.14.4 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.14.4 - yWorks GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים (HKLM-x32\...\{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}) (Version: 15.4.5722.2 - Microsoft Corporation)
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Alexander\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {16F4BBB4-39E0-4DD8-883E-61467B147AEB} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3003065676-2518410820-2162268670-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1B900859-F11D-4246-B98C-A54810DB5489} - System32\Tasks\AdobeAAMUpdater-1.0-Alexander-PC-Alexander => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {3203BBB3-1EFF-4E9E-B303-604E09D7038F} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {4AB4A481-174D-405F-B578-2FDF0C5902F5} - System32\Tasks\{E7B81D0D-774C-4507-84ED-5DA5448C07B6} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WO1AUIO2\jre-6u30-windows-i586-iftw[1].exe" -d C:\Users\Alexander\Desktop
Task: {524FB229-EBF5-40B9-BA03-6BA552231B1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {54B9C276-7539-46B7-B8D2-27ED9C667F9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {61CB2EAB-96FA-4373-B8E2-D11C9724546D} - System32\Tasks\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44} => pcalua.exe -a C:\Users\Alexander\AppData\Local\Temp\Shortcut_SweetImSetup.exe -d C:\Users\Alexander\Desktop -c -Shortcut <==== ACHTUNG
Task: {67E42748-3E0B-4A99-8C48-98C195759440} - System32\Tasks\{F600150F-FA83-4A5F-BE04-243E7C929453} => pcalua.exe -a "C:\Program Files (x86)\Fotosizer\uninst.exe"
Task: {74530036-F69C-4315-891A-52E95BDED6B7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {763D3510-53C1-48BD-9EF6-577CB49B9441} - System32\Tasks\{F9EBEBC8-165C-481D-99D4-90045C9C3FB6} => pcalua.exe -a C:\Users\Alexander\Desktop\ARMA2_Build_86734.exe -d C:\Users\Alexander\Desktop
Task: {7CEAD4D2-F4FD-461B-96A1-DB20C916C281} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-11] (Adobe Systems Incorporated)
Task: {84096150-E3A6-4AD1-B694-41E89E7DEF82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {90E25BE0-B2CB-47F7-A786-07F865F5341C} - System32\Tasks\{2608C157-E628-4F04-B02B-C8DC063F47B7} => pcalua.exe -a C:\Users\Alexander\Desktop\A2CO_ACR_LITE.exe -d C:\Users\Alexander\Desktop
Task: {AAB68693-DF4C-42B6-A894-D023E4347C47} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {B51BCF7E-3D06-4E36-8123-BC41739A67D4} - System32\Tasks\{64C53681-7780-46F6-B4A1-20AC5A97A5F6} => pcalua.exe -a C:\Users\Alexander\Downloads\InstallIW4M(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {BC813FD6-0CAB-4ED8-8562-B7FBF08B59B1} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-05-20] (Acer Incorporated)
Task: {C79E3D4B-BB61-4BB9-B36A-26066A1B8EA7} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-05-20] (CyberLink Corp.)
Task: {E18D0AA6-5454-4173-B31D-55B64BA65DF1} - System32\Tasks\{4A9743DD-802B-4DF1-8309-1BEA3B7AE4BE} => pcalua.exe -a C:\Users\Alexander\Desktop\Alex\Minecraft\mod\INSTALLER.exe -d C:\Users\Alexander\Desktop\Alex\Minecraft\mod
Task: {E74D1750-6404-4BB5-9D76-B98EE20F620A} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3003065676-2518410820-2162268670-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {FB17DD3E-F992-4B92-A902-B7B576F241AF} - System32\Tasks\{551CFA7D-1A19-4491-A480-2EF61F761D80} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BUNQY0K\wmp11-windowsxp-x86-DE-DE.exe" -d C:\Users\Alexander\Desktop
Task: {FDE6C85B-EAFE-44F9-B2EA-687D8FCE77F5} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-05-20] (CyberLink)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000Core.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3003065676-2518410820-2162268670-1000UA.job => C:\Users\Alexander\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.com

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-12-25 16:58 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-05-02 13:55 - 2013-03-20 16:14 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2016-05-11 22:59 - 2016-05-11 22:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f1b815cf32572cea383bc47659c174fa\IsdiInterop.ni.dll
2011-09-23 13:39 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-10-01 15:06 - 2016-09-25 05:47 - 01805416 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-01 15:06 - 2016-09-25 05:47 - 00093288 _____ () C:\Users\Alexander\AppData\Local\Google\Chrome\Application\53.0.2785.143\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [118]
AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [129]
AlternateDataStreams: C:\ProgramData\Temp:C3AE45C9 [236]
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [129]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKLM\...\regfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 59.ico,0 <===== ACHTUNG
HKLM\...\batfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 52.ico,0 <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: (default) => 
MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
MSCONFIG\startupreg: iTunesHelper => "D:\Programme (x99)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Programme (x99)\hamachi-2-ui.exe" --auto-start

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{11B37EE8-722D-45C2-A13F-861082A7D288}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5DCDB6D6-979E-42D7-811B-50E35607523B}] => (Allow) LPort=2869
FirewallRules: [{84D2A64A-DBB7-4E09-9DD0-A9830C6821B3}] => (Allow) LPort=1900
FirewallRules: [{1F2D7344-0165-45BB-921F-3811E810F9C3}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{08454C0D-24D8-42DC-9448-A6FCE23C087B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{E47852FB-BE70-4FFD-B4E6-831A35AA5FE1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{5D2A53C0-FBA4-49D4-A651-973168DF209B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{0FB49CBC-A0A5-4ED7-8F6F-4D692480F99B}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{0A9A7DE2-E49B-4711-B09A-C759B8966499}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{E14135B9-CF38-4196-9F49-0B9A9D5A0530}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{F6910992-68E9-4EE9-A3D7-FDA37105C208}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{C7B6C3C2-935D-4E7B-84D6-7F457B0AB577}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [TCP Query User{2639F414-6097-4275-A11B-A6B19AB91444}C:\users\alexander\downloads\aiw-client\iw4mp.exe] => (Allow) C:\users\alexander\downloads\aiw-client\iw4mp.exe
FirewallRules: [UDP Query User{A1F3085E-699D-4613-B8C8-E8A220E9C266}C:\users\alexander\downloads\aiw-client\iw4mp.exe] => (Allow) C:\users\alexander\downloads\aiw-client\iw4mp.exe
FirewallRules: [{A3C80165-34BE-49BE-9F96-7DE8F5EB6FA7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BE4ABCF0-F475-427B-AA08-1C74183149CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{93D9BF25-6372-4C2B-905B-AA1B580CC085}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05C8D030-B884-4F28-912C-1F66C5F56877}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{250AD765-5378-4777-9761-B67E1C80CDDA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A3A3541D-B49F-4F4F-990B-FD3218CC4DBF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{38F67701-EFB5-451D-9F3D-4B62968899F8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{62863EC2-781C-4BC0-B284-D96A3CE567CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{87701C54-6956-4DEC-AB29-2ABDD153E298}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{99C43397-2A1D-45BD-8A33-DF9FED8640CB}] => (Allow) C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K2QSK8CH\crossfire_downloader.exe
FirewallRules: [{A88A688B-0632-4626-AACB-6B3C5995BB4B}] => (Allow) C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K2QSK8CH\crossfire_downloader.exe
FirewallRules: [TCP Query User{21E3C54B-2D8A-4311-8604-9DEBE6C5A601}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe
FirewallRules: [UDP Query User{720A90DA-E868-4AB0-ACA3-BF9F40683E0B}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mpold.exe
FirewallRules: [TCP Query User{B52B6B45-9065-4489-ACA4-82E0C38BB99F}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [UDP Query User{44DD3608-6BDF-44D4-B40A-C8767209AAE6}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.dat
FirewallRules: [TCP Query User{D6697613-2E88-4B57-95C7-6AF1B171D011}C:\users\alexander\desktop\alteriwnet\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [UDP Query User{02980F90-6D1C-4A3E-AA6B-C9E8B4EC2FCA}C:\users\alexander\desktop\alteriwnet\iw4mpold.exe] => (Allow) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{CFA4A440-EDB1-49DD-8C06-2EE3E2F855EF}] => (Block) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{888DAEE4-3683-4241-B70E-D4E2557C5B9B}] => (Block) C:\users\alexander\desktop\alteriwnet\iw4mpold.exe
FirewallRules: [{68D529C6-DBC7-4BA0-8D81-3DD4EEA4E95B}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{B228FB4C-A75B-4C2B-B945-9DA8CEFA6E0E}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
FirewallRules: [{6E69BA96-2073-41C4-9FB5-B30EB3EA6169}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{8ACBD037-0D8E-4BAD-B211-DA70443B0FDA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
FirewallRules: [{4B10E267-9A3F-4F94-AB69-E7931B1184E7}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{EE94E8F3-C3F4-438D-A7CA-176D155B9FEE}] => (Allow) C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe
FirewallRules: [{B1030E1B-1715-4F21-A72F-D3F2754E6A2E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [{C6E7E5E1-72C5-47B7-A846-709EC2BCDF05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [{3CECB255-48E7-4740-856B-89352EC6AAC5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{741014AF-5B42-44BC-84F6-0B839E9D860E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{6CC0F9D0-2497-4598-BEFE-1647E58D05CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{768230ED-C9E8-43C7-AA0C-32CD4F709DF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{28E0D2CA-66B3-41F0-A18F-418CB3BAD019}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{078CF807-36C5-41AD-8528-CC461347BFBB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{5402083D-9F7C-4094-AABE-5E31937ABFFF}] => (Allow) D:\Programme\Steam.exe
FirewallRules: [{68B67299-1E5A-4C64-BF4B-871E2C81332F}] => (Allow) D:\Programme\Steam.exe
FirewallRules: [{5588B6AE-8EE6-4981-BCB2-D7CA3A1873E2}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{BAB1AF33-BA7A-4C99-B8CF-891201F17893}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5sp.exe
FirewallRules: [{43AC3671-2617-4198-B471-EB8AB698D3EB}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{7012D4B8-201C-42B6-B03F-1D3770A0B1CA}] => (Allow) D:\Programme\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{70B6EECC-4019-4CB3-950C-26158FE227F0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{D8AFCDB5-BFB7-448C-9B1D-C052987957B0}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{534563B6-4DF7-434C-AAC4-793DA2D60777}] => (Allow) D:\Programme2\ACBMP.exe
FirewallRules: [{04BFBF78-F2D6-4DC2-8103-D129E7A8B19C}] => (Allow) D:\Programme2\ACBMP.exe
FirewallRules: [TCP Query User{9D890753-B05F-413E-B5BA-DFE19C05E371}C:\users\alexander\desktop\alex\alles\client\metin2client.bin] => (Block) C:\users\alexander\desktop\alex\alles\client\metin2client.bin
FirewallRules: [UDP Query User{FD0AB0AD-E6D4-415D-A8F5-A88165FFCBAC}C:\users\alexander\desktop\alex\alles\client\metin2client.bin] => (Block) C:\users\alexander\desktop\alex\alles\client\metin2client.bin
FirewallRules: [TCP Query User{5C30104A-7173-44D6-AF29-503CB087A3CB}D:\metin2\metin2client.bin] => (Allow) D:\metin2\metin2client.bin
FirewallRules: [UDP Query User{B3D9DD47-E053-4202-9B78-D62F43613F31}D:\metin2\metin2client.bin] => (Allow) D:\metin2\metin2client.bin
FirewallRules: [TCP Query User{7376956B-D8B0-4B26-838A-EC0566745C17}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [UDP Query User{E7B32F09-8043-4C91-B7FD-2E2998B3FDFD}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe
FirewallRules: [TCP Query User{94241255-E9C5-4802-BD75-5F1B4A661D11}D:\steam\steamapps\xicefac\counter-strike source\hl2.exe] => (Allow) D:\steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{E4C2D444-76E5-4390-832F-D432673D22C4}D:\steam\steamapps\xicefac\counter-strike source\hl2.exe] => (Allow) D:\steam\steamapps\xicefac\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{79629F07-24ED-4576-A9CD-28A7AB243D60}C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe] => (Allow) C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe
FirewallRules: [UDP Query User{4F5C4894-9318-4ADA-90B5-9467F0417DB5}C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe] => (Allow) C:\users\alexander\desktop\hardcore reloadedv3_7\hardcore reloaded\.hardcore reloaded.exe
FirewallRules: [TCP Query User{CF26E399-0322-4458-844A-2AB1912E63C5}D:\ac brotherhood\acbsp.exe] => (Block) D:\ac brotherhood\acbsp.exe
FirewallRules: [UDP Query User{41916CC5-7B4A-4D96-8182-3C8D9B557B0A}D:\ac brotherhood\acbsp.exe] => (Block) D:\ac brotherhood\acbsp.exe
FirewallRules: [TCP Query User{452CC1AC-03E5-4324-B07F-D3017B501722}D:\ac brotherhood\acbmp.exe] => (Block) D:\ac brotherhood\acbmp.exe
FirewallRules: [UDP Query User{D1ACE826-B119-4B7A-89F1-D3EE75D0B70D}D:\ac brotherhood\acbmp.exe] => (Block) D:\ac brotherhood\acbmp.exe
FirewallRules: [{A66982B2-3A6F-4DE2-A60B-EF0DF46917E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{13E66A56-E0E0-4ADD-BF95-FBC4F1636FD7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.524\Agent.exe
FirewallRules: [{EDC2A62B-4D04-4447-90E8-3A2C4AD625A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{806B8396-1312-48CC-BE8A-1CA19C67753B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe
FirewallRules: [{EB446500-8CFE-4756-94EB-0AEEA092D8C9}] => (Allow) D:\Diablo 3\Diablo III\Diablo III.exe
FirewallRules: [{6F254EB4-F1B9-4FD8-ACC3-1E629729A5CE}] => (Allow) D:\Diablo 3\Diablo III\Diablo III.exe
FirewallRules: [{0EC3F332-7B28-4F52-B2E8-593E997A0FA0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3DE41F0A-DA6B-489E-8EEE-5CDC64FA9ADC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{F33C8FF8-519B-46CD-ACA7-EA48CC0E1424}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [TCP Query User{20CF77C0-70FC-4843-A220-8A2A52F25511}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{240944AD-B0BA-4EC8-A869-B7C7CD69990E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{D762CDF3-F9B5-4735-8B48-88323F223DC7}] => (Allow) C:\Users\Alexander\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{A07FE029-7065-47D7-87CD-5B995B236053}] => (Allow) C:\Users\Alexander\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{3BA88FB7-8F2A-4D99-8987-181B967149C6}C:\users\alexander\appdata\local\iw4m\iw4m.dat] => (Allow) C:\users\alexander\appdata\local\iw4m\iw4m.dat
FirewallRules: [UDP Query User{629FEDEB-CC22-4E3D-9761-D7FE8FF0354C}C:\users\alexander\appdata\local\iw4m\iw4m.dat] => (Allow) C:\users\alexander\appdata\local\iw4m\iw4m.dat
FirewallRules: [{278B8092-A57F-4BB3-B085-74C0B2D6A746}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{A7C23C0C-6DF3-4EDD-AD13-967BCF689D6D}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOpsMP.exe
FirewallRules: [{D9C9541C-3949-4375-B9EE-4421CB1D2FF1}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{BEA37671-A113-451A-BA05-42CC8E034BFA}] => (Allow) D:\Steam\SteamApps\common\call of duty black ops\BlackOps.exe
FirewallRules: [{6309D003-1583-45A6-8FC2-F1A6EC1CCBCB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{C7349C5F-BBD2-4353-9E64-E75346B43B0D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{9EFDF5EF-6558-43AB-A13F-1B772F969C19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{2427B07F-9857-4639-9A87-E32D964434FA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{82780407-CDDC-43F3-AEE0-A361E878EAA2}] => (Allow) D:\Steam\SteamApps\common\Hearts of Iron 3\hoi3game.exe
FirewallRules: [{11F9D909-C586-4BBB-9334-A5384ED14F86}] => (Allow) D:\Steam\SteamApps\common\Hearts of Iron 3\hoi3game.exe
FirewallRules: [{F9B1E56D-5E5D-4686-890C-96950B585983}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{572AE503-7ABD-4082-8CDA-7B0E00118983}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{9779655B-4BB3-4803-BA87-30FB9BDDE507}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{09D8CD44-15DD-49AD-BA81-42BC6DB85B9B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [TCP Query User{840971A2-2E17-444A-AC4D-9B607AE80AA2}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{2CC0A5F8-5F5A-448A-B6EF-6937DF37B790}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{016B7506-1A2A-46BC-8A64-2DA361A69D43}D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{E987A6D1-B8A6-4376-B506-77343DEF930E}D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [{4F6201E8-7F3E-4DE4-A932-955426AAE704}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{3C2D8378-4718-4A50-9CB4-335859AB1211}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [TCP Query User{EF961A84-4B92-419F-B0B7-494ED46A2327}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{7B370C56-195E-4E11-B90B-8AAB436B0E0B}C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe] => (Allow) C:\users\alexander\desktop\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [TCP Query User{1320D23D-35BC-4579-9150-BCC1866B17F2}D:\programme (x99)\world_of_tanks\wotlauncher.exe] => (Allow) D:\programme (x99)\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{38CE596B-E1C9-4533-844F-E04B309D71E5}D:\programme (x99)\world_of_tanks\wotlauncher.exe] => (Allow) D:\programme (x99)\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{312C8FDA-AB39-4C9C-9613-9EF33F804785}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{93C8C97F-221F-4532-A6A9-20ADC0DC0386}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{C7E0431E-3C23-4335-BD42-63B43B3D914B}D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{2F0EC599-B195-43B7-87FD-EF09E0E8DA9F}D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\expansion\beta\arma2oa.exe
FirewallRules: [{848FBB67-D08A-40FC-96D0-96E4326DA2CD}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [{A15A89C2-E103-4F02-A72B-AA92A15A107D}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\ArmA 2 Operation Arrowhead\arma2OA.exe
FirewallRules: [TCP Query User{E4720107-7120-4CA8-AA68-391DDEC38F59}D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{5E572369-B369-4E35-831A-80643B2D7189}D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\arma2 - dayz\bohemia interactive\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{1E56AB9A-48ED-4324-996F-B5292571B787}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2.exe
FirewallRules: [{8185073F-A686-4567-933D-EFE64727E7A6}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2.exe
FirewallRules: [{982F9DB2-2D26-43DC-87F4-0E2664EE99C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{0B6C45E3-FA18-4801-933B-651E9009D0AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{21417770-763A-46F7-8A8E-CEAA18D47305}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\System\ArcticCombat.exe
FirewallRules: [{9B768081-A495-4B84-9E47-AD998E96545B}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\System\ArcticCombat.exe
FirewallRules: [{74CDEED9-27BC-435E-AEAC-AADEBD228A1A}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2OA.exe
FirewallRules: [{875E914B-3845-496D-85BF-84FA6C732001}] => (Allow) D:\Arma2 - DayZ\Bohemia Interactive\arma2OA.exe
FirewallRules: [{54AE7469-1944-415C-A115-BCA1DCC2DB1A}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [{295955CA-E7DC-4DA3-9837-913B388283B4}] => (Allow) D:\Steam\SteamApps\common\Arma 2 Operation Arrowhead\BEsetup\Setup_BattlEyeARMA2OA.exe
FirewallRules: [TCP Query User{099605B3-3FC0-4212-BD26-83D3F87DB310}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{EB0AF3F7-5BB7-4453-A24A-6481C7F818AF}D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{7AB50D9E-6FB2-4A61-AE85-37A1DCDF9C3B}] => (Allow) fifa.exe
FirewallRules: [{D6A828C5-AED2-43B3-9518-E2C6C6EC7020}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{F347A783-6AA6-4ADA-A6A0-FF2B1ABCFDDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{820E099B-948E-427E-BEFD-B0EB7B15D283}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{194923B8-CEC0-4579-BEDC-5BCCBE03ACD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{A14A7EDC-BE9E-48C3-BB73-84D8BCB17B21}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{81E40875-F9BC-43B8-BE94-079165990173}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe
FirewallRules: [TCP Query User{CB0DBF1F-F785-45C9-ADC0-B4DF2598CD17}C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe] => (Allow) C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe
FirewallRules: [UDP Query User{E4E5FA7E-20C4-4ECB-A6C3-1C5F8597A595}C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe] => (Allow) C:\users\alexander\desktop\playworld3\playworld 3 2011 client1\playworld3.exe
FirewallRules: [{D7434D54-4C0C-45B3-8A18-9C77AC40497E}] => (Allow) D:\Programme (x99)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{EF25DEC2-7552-4B9C-B8B0-C06EFE83498A}] => (Allow) D:\Programme (x99)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{F0AD11D0-E78D-4D9F-956B-5443D0DE9CE1}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{88D81FE2-6E69-4C94-AE8C-83906B471C45}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{921DAA95-C337-4130-9059-1F7C14D51A91}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E06E2A82-C34C-44B7-9B39-468390561965}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{55DA2052-9739-4C1C-92B1-ACDF89605D3E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4FBA0A98-1ABF-49BC-8540-854FEADF2889}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6E360B78-9EF9-4611-8E39-B0BF592E4F2D}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe
FirewallRules: [{72372A08-02FB-413F-BBB6-23E09210A7B0}] => (Allow) D:\Steam\SteamApps\common\ArcticCombat\GameLauncher_GP\MappingAccount.exe
FirewallRules: [{00FDB5DB-FE2F-459D-9050-2EEB190D7CA9}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{42EB7755-743B-4552-9217-87C739169C2F}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{E0222DFB-66AF-43B4-BCEE-BBE03B78F34C}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{5475C8CE-DA00-4B90-9164-E9F6A2E49E7E}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp.exe
FirewallRules: [{5CA43B98-28E7-4265-9263-AAE4E69A410B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{E27741F2-E1CA-4992-821D-EDFDDCE9B2B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{A64E4B60-9D01-4914-9916-06D868E492FF}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [{805ADEC0-8575-4DCA-919D-63858B974987}] => (Allow) D:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\UDK.exe
FirewallRules: [TCP Query User{DDD0FE48-22FC-494A-ABE8-9A6B4D123BF0}D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [UDP Query User{E345C5F3-A646-4A69-BFF0-78AAF493CE14}D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe] => (Allow) D:\steam\steamapps\common\arma 2 operation arrowhead\arma2oaserver.exe
FirewallRules: [TCP Query User{A9C0B9D4-B10F-4D80-8230-0DBD85639F53}C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe] => (Block) C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{0CB53001-E326-4FD2-98CE-5ADA8AF5DF1B}C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe] => (Block) C:\users\alexander\documents\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{96970053-3D6D-4114-A4AE-BC0B821B353A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{7BDB3637-C400-4C5C-B4F1-874C67B6BE0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{91B5B8BA-E5F9-4386-BFBD-35F922D43933}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B9A0ECD9-7ED8-480F-80F1-5892B5E7195A}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1CDC86F9-1356-4E07-B1ED-93939D1BEE33}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D3C77103-08EF-44F5-A212-1165A559C965}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B59B436D-DCD6-4F26-9424-1744ED62C016}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C8F336C4-4AD9-4FB1-A3A3-2BB7FC5F7BF7}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1A00A399-8336-49F8-93F7-781410F67D98}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5FA72236-DF42-4C6D-8B06-5D636820E4D6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{252757E9-A758-4295-BBB4-F7CF34B75854}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{BA82A20A-E557-4E34-A1AB-D4D64C5000EF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7F1EEA55-10DA-46A1-A826-1E1EA4B67468}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3107F490-628C-4718-906A-A09C941BF63A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{01A28543-4F7E-4EEB-8D76-C3A2242CDD3C}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{7D9B3FD9-11D5-4342-8BFA-BBF267791F95}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6sp64_ship.exe
FirewallRules: [{E0BE91CF-FB8E-43DD-B322-8BAE7AAD20EA}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{47D35828-89CE-4F67-B590-64D89035A2B7}] => (Allow) D:\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{EADA7B16-690A-476A-B803-FA7F3C9CD9E6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{B6519F2D-B925-4471-B594-D462F60E703F}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{41523347-F568-43FD-913D-D3D1D9D2EF47}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{764A027B-ADEA-4F0F-A562-7B030F815CFB}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{218C8882-AD53-4690-872F-A76132CF1F6A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3A12664B-4D8E-4B76-85AD-D05F11ED7AA2}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4624B943-0D26-4F95-B825-5D7CC86E2EB5}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C9BBAB24-94AD-4C56-83BB-D74E8762ED49}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4E643594-62BE-41A3-B59F-2644A40ECD1C}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{4C7FF4F2-8355-495E-BC1C-26DED14E52C2}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{D72017CE-6004-49E2-91AE-90B66D9E7CE6}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{3B0DF9B1-8EA9-45DB-AE51-D4411F1A2064}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9B8D8FD4-0775-4C10-AFFD-D50E927BF4E1}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{59583278-B152-49F0-B7FF-41A64E1443A9}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E57795CD-10C7-42D0-9EA4-39D38269B763}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F2A13349-BEA6-4D80-8B0A-B3612E180B58}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{0F786D6A-88C9-4EAB-A235-BB93A68AF1F3}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{849C25E4-3DAE-4B16-8976-79770CC6B0CB}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CD4C2ECE-2F75-446E-8721-B8B9333FB90B}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{30A77D75-C658-4821-88F4-3357E8BBD45F}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B3CD5C04-75F2-4023-9458-51BB5A1A41FA}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{885CC271-11CB-431F-9084-8A44CAE15195}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB94D0CC-5823-4243-842C-A91A3F3CD345}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{18C8C8EC-BA7B-47A3-A9CD-25ED63195E2A}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5584E3F6-A005-4B0D-A12D-D7E154C564AA}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1D72EE50-4D09-4F5B-B6FD-5F0242D5AA18}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{CBD36018-EC58-4AEE-AF79-7A0812F579E3}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{DA529D03-8563-4EB5-9033-018A6BB24EAF}] => (Allow) D:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9F5D749E-A7FA-47C5-B68B-E3157646D320}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{12323ED7-8830-49AF-968A-7BA19F4A9322}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{6E8359A1-7EAE-48AA-8B0F-4813CE97481A}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B72C798C-0D3E-49E1-889A-9607DB3C8681}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{294889F6-ABBE-4195-B481-39096FD5490A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{3063E471-ABB5-4E3D-94B4-7205FF87B1C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{7ABB6FC9-30A1-44C3-B420-2518F5BE33F7}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{F6E6EB79-249A-4C09-9FBF-6B859873E0C4}D:\steam\steamapps\common\dayz\dayz.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{753C94CD-8357-4972-97DC-3C023F044C23}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{40DB2DBB-680D-46B4-87CD-F184A50AE873}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A599D328-9F97-4106-9A43-F02F5E7E773F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{E579C137-B1DB-47B3-8AE2-2A45A4ADE9E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{55C18A11-75F6-4006-A293-B3E0A5433786}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B037B852-6913-477E-80CE-BEADF5B33D3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{12C73306-2075-47A3-9E16-BD097007DA7F}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{6A99606B-177B-4D5F-A7A0-44290444C925}] => (Allow) D:\Steam\SteamApps\common\call of duty modern warfare 3\iw5mp_server.exe
FirewallRules: [{ED770A14-271D-412C-96C3-ACB645F2C1C0}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{C9CB2DA9-5478-4677-AA1B-027A083D2C57}] => (Allow) D:\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{CB5C0FDC-934C-4417-B7F7-E757A0DCDC24}C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{6B09DD7E-035C-4CE0-B7E0-6AEC43D96F5F}C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F04A1104-A9D8-4A15-AC83-71437AF0C6FE}] => (Allow) D:\Programme (x99)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{FE2D25A9-3198-45D6-BD4F-A3187F0B6169}] => (Allow) D:\Programme (x99)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{7F4CBEBF-50E0-4C8C-9EE1-DDC732078960}D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A2647E2B-6B61-483A-AF85-5668E2566EA9}D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{67AE8219-F604-4288-BACD-B886A0F7CC97}] => (Block) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{EB9F8F57-757D-47B1-97A0-4500666D6B41}] => (Block) D:\programme (x99)\battle.net\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{ADBB86A0-E624-42B2-BF48-63761600749B}C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{18AF0267-752B-4325-B199-379F0A89B14C}C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\alexander\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{DAA82B47-A383-4D64-85F3-7D72F5C1BC48}] => (Allow) D:\Programme (x99)\iTunes\iTunes.exe
FirewallRules: [{B00ADD8D-C429-486C-BC4E-17F06C6E2690}] => (Allow) D:\Programme (x99)\newz\L.A.B. Productions\TheNewZ\TheNewZ.exe
FirewallRules: [TCP Query User{EADD61E9-D156-4C44-9FFA-5D801C912EE2}C:\users\alexander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alexander\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{03F3BC79-9773-4D71-B67F-8523BAA2F056}C:\users\alexander\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\alexander\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A8545984-A98F-4CB7-9025-819618DC335C}] => (Allow) D:\Programme (x99)\newz\L.A.B. Productions\TheNewZ\TheNewZ.exe
FirewallRules: [{EA30AD30-7B13-4693-A923-71C06843420B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E1DA42E-70E2-4862-A92B-407BA479469B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{14D931C9-3E8E-4191-B84D-AC7F5E8CD368}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E65A2B55-E380-4152-952E-0564A352A4BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E517E16E-FD1B-4BE9-AD3C-ACD7E2C655B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CCAB44B4-23F1-40AF-A154-F31FEC8B6088}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD00C7DF-63DD-454F-BEDC-16AFD52D3E94}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36479A8B-55EC-4667-819A-7693965FFB5B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{044A0532-CC1F-405D-B290-1059EEFD3464}] => (Allow) C:\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{F24D53AF-897F-4F25-AE51-C0167073360A}C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe] => (Block) C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe
FirewallRules: [UDP Query User{3A7B4903-725D-4F4E-B6E1-9C956481190F}C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe] => (Block) C:\users\alexander\knuddels-stapp\commonfiles\java\bin\javaw.exe
FirewallRules: [{CBEE6F43-7CAD-4F06-8D4A-D997118F0089}] => (Allow) D:\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{F04F4535-0074-4299-9113-82B8BCC0357D}] => (Allow) D:\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [TCP Query User{8A5D3F26-00B1-4148-A947-D0552279D35A}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{5CA592DA-95E2-4F37-A4DB-4C488C25A438}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{F4171C87-59AD-44C1-851A-45BCB2DBA29F}] => (Block) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{CD53CE50-438A-49DA-815A-8E85EE927043}] => (Block) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

==================== Wiederherstellungspunkte =========================

23-10-2016 14:10:54 Geplanter Prüfpunkt
23-10-2016 15:22:58 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: WPS
Description: WPS
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: WPS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/23/2016 01:25:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/23/2016 01:06:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/23/2016 01:06:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/23/2016 01:06:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/23/2016 01:06:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/23/2016 12:53:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/22/2016 10:52:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Name des fehlerhaften Moduls: steamwebhelper.exe, Version: 3.65.13.80, Zeitstempel: 0x57fed9f2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00037b59
ID des fehlerhaften Prozesses: 0xcb0
Startzeit der fehlerhaften Anwendung: 0x01d22ca494d65ad5
Pfad der fehlerhaften Anwendung: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Pfad des fehlerhaften Moduls: D:\Steam\bin\cef\cef.winxp\steamwebhelper.exe
Berichtskennung: 835751cb-9899-11e6-929a-3860775e8b90

Error: (10/22/2016 10:41:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (10/22/2016 10:40:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1

Error: (10/22/2016 10:40:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1


Systemfehler:
=============
Error: (10/23/2016 03:23:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/23/2016 03:23:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/23/2016 01:25:13 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
WPS

Error: (10/23/2016 01:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (10/23/2016 01:25:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.

Error: (10/23/2016 01:24:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Norton Online Backup" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (10/23/2016 01:24:26 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{d469cb42-e5d6-11e0-bb24-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (10/23/2016 01:24:26 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Auf dem Volume "\\?\Volume{d469cb41-e5d6-11e0-bb24-806e6f6e6963}" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (10/23/2016 01:06:46 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
WPS

Error: (10/23/2016 01:06:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2015-05-22 23:21:07.651
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Programme (x99)\ESEA\ESEA_Client\eseaclient.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 23:20:46.264
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Programme (x99)\ESEA\ESEA_Client\eseaclient.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:18:47.591
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Chrome\Application\chrome.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.865
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\ALEXAN~1\AppData\Local\Temp\CR_6B733.tmp\setup.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.507
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Chrome\Application\42.0.2311.152\Installer\setup.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 19:13:44.316
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\Google\Update\Install\{2560CEC2-DAFF-4515-95B0-6D4F5E9C5A64}\43.0.2357.65_42.0.2311.152_chrome_updater.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:41:32.254
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:25:39.083
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:12:09.661
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Roaming\Spotify\SpotifyWebHelper.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-22 17:12:09.486
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Alexander\AppData\Roaming\Spotify\SpotifyCrashService.exe" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 24%
Installierter physikalischer RAM: 8174.47 MB
Verfügbarer physikalischer RAM: 6149.53 MB
Summe virtueller Speicher: 9196.66 MB
Verfügbarer virtueller Speicher: 6883.41 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:99.14 GB) (Free:5.39 GB) NTFS
Drive d: (Data) (Fixed) (Total:916.51 GB) (Free:720.41 GB) NTFS
Drive h: (ASUS_VG248) (CDROM) (Total:0.36 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 4A648C57)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=25 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=99.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 556CE3D0)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Not Active) - (Size=916.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

--- --- ---

M-K-D-B · 23.10.2016, 21:03

Servus,

wieso hast du dir diese Icons zugelegt?

Zitat:

HKLM\...\regfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 59.ico,0 <===== ACHTUNG
HKLM\...\batfile\DefaultIcon: C:\Users\Alexander\Desktop\Alex\Camos\JONGHYUNPARK\JONGHYUNPARK Icon 52.ico,0 <===== ACHTUNG

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [[REGKEY]] => "C:\Users\Alexander\AppData\Roaming\[FILENAME].exe"
C:\Users\Alexander\AppData\Roaming\[FILENAME].exe
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>
C:\Users\Alexander\Downloads\*CHIP-Installer.exe
Task: {4AB4A481-174D-405F-B578-2FDF0C5902F5} - System32\Tasks\{E7B81D0D-774C-4507-84ED-5DA5448C07B6} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WO1AUIO2\jre-6u30-windows-i586-iftw[1].exe" -d C:\Users\Alexander\Desktop
Task: {61CB2EAB-96FA-4373-B8E2-D11C9724546D} - System32\Tasks\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44} => pcalua.exe -a C:\Users\Alexander\AppData\Local\Temp\Shortcut_SweetImSetup.exe -d C:\Users\Alexander\Desktop -c -Shortcut <==== ACHTUNG
Task: {FB17DD3E-F992-4B92-A902-B7B576F241AF} - System32\Tasks\{551CFA7D-1A19-4491-A480-2EF61F761D80} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BUNQY0K\wmp11-windowsxp-x86-DE-DE.exe" -d C:\Users\Alexander\Desktop
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [118]
AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [129]
AlternateDataStreams: C:\ProgramData\Temp:C3AE45C9 [236]
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [129]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

crtys · 24.10.2016, 00:47

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-10-2016
durchgeführt von Alexander (23-10-2016 23:37:14) Run:1
Gestartet von C:\Users\Alexander\Desktop
Geladene Profile: Alexander &  (Verfügbare Profile: Alexander)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\...\Run: [[REGKEY]] => "C:\Users\Alexander\AppData\Roaming\[FILENAME].exe"
C:\Users\Alexander\AppData\Roaming\[FILENAME].exe
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3003065676-2518410820-2162268670-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>
C:\Users\Alexander\Downloads\*CHIP-Installer.exe
Task: {4AB4A481-174D-405F-B578-2FDF0C5902F5} - System32\Tasks\{E7B81D0D-774C-4507-84ED-5DA5448C07B6} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WO1AUIO2\jre-6u30-windows-i586-iftw[1].exe" -d C:\Users\Alexander\Desktop
Task: {61CB2EAB-96FA-4373-B8E2-D11C9724546D} - System32\Tasks\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44} => pcalua.exe -a C:\Users\Alexander\AppData\Local\Temp\Shortcut_SweetImSetup.exe -d C:\Users\Alexander\Desktop -c -Shortcut <==== ACHTUNG
Task: {FB17DD3E-F992-4B92-A902-B7B576F241AF} - System32\Tasks\{551CFA7D-1A19-4491-A480-2EF61F761D80} => pcalua.exe -a "C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BUNQY0K\wmp11-windowsxp-x86-DE-DE.exe" -d C:\Users\Alexander\Desktop
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC [118]
AlternateDataStreams: C:\ProgramData\Temp:5925E400 [286]
AlternateDataStreams: C:\ProgramData\Temp:5D458568 [129]
AlternateDataStreams: C:\ProgramData\Temp:C3AE45C9 [236]
AlternateDataStreams: C:\ProgramData\Temp:E79EFDA4 [129]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Windows\CurrentVersion\Run\\[REGKEY] => Wert erfolgreich entfernt
"C:\Users\Alexander\AppData\Roaming\[FILENAME].exe" => nicht gefunden.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\ToolbarSearchProviderProgress => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk" => Schlüssel erfolgreich entfernt

=========== "C:\Users\Alexander\Downloads\*CHIP-Installer.exe" ==========

C:\Users\Alexander\Downloads\Mz RAM Booster - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Alexander\Downloads\Revo Uninstaller - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Alexander\Downloads\*CHIP-Installer.exe" ========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AB4A481-174D-405F-B578-2FDF0C5902F5}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AB4A481-174D-405F-B578-2FDF0C5902F5}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{E7B81D0D-774C-4507-84ED-5DA5448C07B6} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7B81D0D-774C-4507-84ED-5DA5448C07B6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61CB2EAB-96FA-4373-B8E2-D11C9724546D}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61CB2EAB-96FA-4373-B8E2-D11C9724546D}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ADC4175B-DDD4-4AF2-AE0E-E4FB9C56FF44}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FB17DD3E-F992-4B92-A902-B7B576F241AF}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB17DD3E-F992-4B92-A902-B7B576F241AF}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{551CFA7D-1A19-4491-A480-2EF61F761D80} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{551CFA7D-1A19-4491-A480-2EF61F761D80}" => Schlüssel erfolgreich entfernt
C:\ProgramData\Temp => ":2430E4FC" ADS erfolgreich entfernt.
C:\ProgramData\Temp => ":5925E400" ADS erfolgreich entfernt.
C:\ProgramData\Temp => ":5D458568" ADS erfolgreich entfernt.
C:\ProgramData\Temp => ":C3AE45C9" ADS erfolgreich entfernt.
C:\ProgramData\Temp => ":E79EFDA4" ADS erfolgreich entfernt.

========= dir "%ProgramFiles%" =========

 Datentr„ger in Laufwerk C: ist Acer
 Volumeseriennummer: B083-05A7

 Verzeichnis von C:\Program Files

15.09.2016  21:33    <DIR>          .
15.09.2016  21:33    <DIR>          ..
24.12.2011  20:31    <DIR>          Accessory Store
16.03.2011  15:45    <DIR>          Acer
12.06.2016  13:53    <DIR>          Bonjour
01.02.2013  14:32    <DIR>          Common Files
12.11.2012  19:50    <DIR>          CyberGhost VPN
21.09.2011  08:15    <DIR>          DVD Maker
16.03.2011  15:44    <DIR>          EgisTec IPS
12.10.2016  16:55    <DIR>          Internet Explorer
21.07.2015  18:43    <DIR>          iPod
06.04.2012  17:20    <DIR>          Java
21.11.2010  09:17    <DIR>          Microsoft Games
12.10.2016  14:36    <DIR>          Microsoft Silverlight
14.07.2009  07:32    <DIR>          MSBuild
03.09.2015  20:26    <DIR>          NVIDIA Corporation
18.08.2012  00:21    <DIR>          Paradox Interactive
16.03.2011  15:50    <DIR>          Preload
23.09.2011  13:47    <DIR>          Realtek
14.07.2009  07:32    <DIR>          Reference Assemblies
19.04.2012  18:27    <DIR>          SteelSeries
26.01.2012  19:23    <DIR>          TeamSpeak 3 Client
30.05.2012  18:44    <DIR>          Theme Resource Changer
11.07.2013  10:07    <DIR>          Windows Defender
29.01.2012  08:06    <DIR>          Windows Live
21.09.2011  08:15    <DIR>          Windows Mail
12.10.2016  16:55    <DIR>          Windows Media Player
24.12.2011  20:31    <DIR>          Windows NT
21.09.2011  08:15    <DIR>          Windows Photo Viewer
21.11.2010  05:31    <DIR>          Windows Portable Devices
21.09.2011  08:15    <DIR>          Windows Sidebar
06.07.2015  21:35    <DIR>          WinPcap
               0 Datei(en),              0 Bytes
              32 Verzeichnis(se),  6.505.861.120 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datentr„ger in Laufwerk C: ist Acer
 Volumeseriennummer: B083-05A7

 Verzeichnis von C:\Program Files (x86)

23.10.2016  23:34    <DIR>          .
23.10.2016  23:34    <DIR>          ..
23.09.2011  14:13    <DIR>          Acer
29.10.2015  13:22    <DIR>          Acer GameZone
18.04.2012  16:48    <DIR>          Adobe
10.04.2012  21:53    <DIR>          Adobe Media Player
21.12.2014  12:53    <DIR>          AGEIA Technologies
06.07.2015  13:45    <DIR>          Avira
09.02.2014  02:22    <DIR>          Battlelog Web Plugins
12.06.2016  13:53    <DIR>          Bonjour
19.02.2012  18:05    <DIR>          BP DOWNLOADER
26.06.2016  15:17    <DIR>          Common Files
25.06.2016  01:08    <DIR>          Craften Terminal
23.09.2011  14:08    <DIR>          Cyberlink
27.04.2013  15:54    <DIR>          Dotjosh Studios
16.03.2011  15:44    <DIR>          EgisTec IPS
16.03.2011  15:44    <DIR>          EgisTec MyWinLocker
16.03.2011  15:44    <DIR>          EgisTec MyWinLockerSuite
16.03.2011  15:45    <DIR>          EgisTec Shredder
23.10.2016  23:34    <DIR>          ESET
06.07.2015  21:35    <DIR>          FRITZ!Powerline
29.10.2012  13:23    <DIR>          Google
17.04.2012  20:48    <DIR>          Intel
12.10.2016  16:55    <DIR>          Internet Explorer
21.07.2015  18:43    <DIR>          iTunes
24.10.2012  11:31    <DIR>          Java
29.01.2012  07:06    <DIR>          K-Lite Codec Pack
29.10.2015  13:11    <DIR>          Logitech
23.10.2016  12:58    <DIR>           Malwarebytes Anti-Malware 
27.03.2014  11:05    <DIR>          Microsoft
17.04.2014  14:36    <DIR>          Microsoft Office
12.10.2016  14:36    <DIR>          Microsoft Silverlight
23.09.2011  14:03    <DIR>          Microsoft SQL Server Compact Edition
21.05.2012  20:18    <DIR>          Microsoft.NET
19.07.2012  07:05    <DIR>          Mozilla Maintenance Service
14.07.2009  07:32    <DIR>          MSBuild
17.04.2014  14:36    <DIR>          MSECache
25.12.2011  11:40    <DIR>          MSXML 4.0
07.07.2012  23:16    <DIR>          MW2CU
16.03.2011  15:47    <DIR>          Nero
16.03.2011  15:50    <DIR>          newsXpresso
14.06.2013  14:27    <DIR>          Notepad++
03.09.2015  20:26    <DIR>          NVIDIA Corporation
24.12.2011  20:31    <DIR>          OEM
28.04.2013  11:34    <DIR>          OpenOffice.org 3
14.04.2012  23:38    <DIR>          Oracle
20.02.2016  11:57    <DIR>          Pando Networks
10.04.2012  08:52    <DIR>          Razer
18.04.2012  16:44    <DIR>          Real
23.09.2011  13:47    <DIR>          Realtek
14.07.2009  07:32    <DIR>          Reference Assemblies
29.12.2015  14:01    <DIR>          Skype
12.06.2012  20:10    <DIR>          Stardock
02.09.2016  00:05    <DIR>          TeamViewer
12.04.2012  16:33    <DIR>          Video Codec
21.02.2012  20:15    <DIR>          Vlcclassic
11.07.2013  10:07    <DIR>          Windows Defender
29.01.2012  08:52    <DIR>          Windows Live
21.09.2011  08:15    <DIR>          Windows Mail
12.10.2016  16:55    <DIR>          Windows Media Player
14.07.2009  07:32    <DIR>          Windows NT
21.09.2011  08:15    <DIR>          Windows Photo Viewer
21.11.2010  05:31    <DIR>          Windows Portable Devices
21.09.2011  08:15    <DIR>          Windows Sidebar
25.12.2011  16:58    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              65 Verzeichnis(se),  6.505.857.024 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datentr„ger in Laufwerk C: ist Acer
 Volumeseriennummer: B083-05A7

 Verzeichnis von C:\ProgramData

25.03.2012  09:37    <DIR>          1912 Titanic Mystery
26.03.2015  13:14    <DIR>          34BE82C4-E596-4e99-A191-52C6199EBF69
16.03.2011  15:23    <DIR>          Acer
07.12.2012  15:06    <DIR>          Adobe
10.09.2014  00:36    <DIR>          Apple
29.06.2012  17:34    <DIR>          Apple Computer
23.09.2011  14:09            14.802 ArcadeDeluxe5.log
12.06.2015  18:28    <DIR>          Avira
09.06.2012  10:33    <DIR>          Battle.net
26.03.2015  04:11    <DIR>          Blizzard Entertainment
03.02.2013  12:00    <DIR>          Bohemia Interactive Studio
19.12.2015  15:49    <DIR>          Celavimus
23.10.2016  13:24    <DIR>          clear.fi
27.12.2011  14:53    <DIR>          CyberLink
21.07.2015  18:43    <DIR>          E1864A66-75E3-486a-BD95-D1B7D99A84A7
20.03.2013  16:04    <DIR>          EA Core
20.03.2013  20:22    <DIR>          EA Logs
23.09.2011  13:36    <DIR>          EgisTec
23.09.2011  13:36    <DIR>          EgisTec IPS
06.10.2012  13:48    <DIR>          Electronic Arts
16.06.2012  17:00    <DIR>          fltk.org
02.03.2010  23:59           131.984 FullRemove.exe
17.04.2012  20:54    <DIR>          Intel
17.04.2012  16:25    <DIR>          LogiShrd
17.10.2013  19:09    <DIR>          LogMeIn
23.10.2016  12:58    <DIR>          Malwarebytes
16.02.2012  20:15    <DIR>          McAfee
18.11.2013  22:10    <DIR>          Microsoft Help
26.04.2012  08:41    <DIR>          Mozilla
16.03.2011  15:47    <DIR>          Nero
16.03.2011  15:50    <DIR>          newsXpresso
23.10.2016  13:24    <DIR>          NVIDIA
21.12.2014  12:54    <DIR>          NVIDIA Corporation
16.03.2011  15:19    <DIR>          OberonGameConsole
24.12.2011  20:33    <DIR>          oem
10.10.2016  21:40    <DIR>          Origin
10.10.2016  19:02    <DIR>          Package Cache
18.04.2012  16:44    <DIR>          Real
10.04.2012  21:56    <DIR>          regid.1986-12.com.adobe
19.02.2016  23:50    <DIR>          Riot Games
20.02.2016  11:58    <DIR>          Skype
29.01.2012  07:36    <DIR>          Sony
27.03.2012  16:47    <DIR>          SplitMediaLabs
19.04.2012  18:28    <DIR>          SteelSeries
24.12.2011  21:37    <DIR>          Sun
12.05.2016  20:05    <DIR>          Temp
01.04.2013  00:42    <DIR>          TuneUp Software
27.07.2012  12:49    <DIR>          Ubisoft
16.06.2012  14:06    <DIR>          {93E26451-CD9A-43A5-A2FA-C42392EA4001}
               2 Datei(en),        146.786 Bytes
              47 Verzeichnis(se),  6.505.852.928 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datentr„ger in Laufwerk C: ist Acer
 Volumeseriennummer: B083-05A7

 Verzeichnis von C:\Users\Alexander\AppData\Roaming

23.10.2016  13:04    <DIR>          .
23.10.2016  13:04    <DIR>          ..
12.07.2016  11:43    <DIR>          .minecraft
29.05.2012  11:20    <DIR>          .minecraft_xray
01.06.2012  21:20    <DIR>          .Nitrous
21.02.2014  19:55    <DIR>          .technic
28.06.2016  12:19    <DIR>          .VoidLauncher
10.04.2012  22:01    <DIR>          Adobe
09.09.2014  19:14    <DIR>          Apple Computer
01.04.2015  11:53    <DIR>          Avira
26.03.2015  00:46    <DIR>          Battle.net
02.08.2016  00:56    <DIR>          Craften Terminal
24.12.2011  20:31    <DIR>          CyberLink
13.08.2016  12:31    <DIR>          discord
26.06.2016  15:17    <DIR>          DVDVideoSoft
16.06.2012  17:00    <DIR>          fltk.org
19.10.2012  18:46    <DIR>          FPSUnlock
09.10.2014  18:31    <DIR>          ftblauncher
24.12.2011  20:33    <DIR>          Identities
17.04.2012  20:49    <DIR>          Intel
24.12.2011  20:33    <DIR>          Intel Corporation
18.03.2015  10:50    <DIR>          java
17.04.2012  16:27    <DIR>          Leadertech
25.12.2011  11:34    <DIR>          LolClient
29.05.2012  11:54    <DIR>          LolClient2
24.12.2011  20:33    <DIR>          Macromedia
02.01.2012  14:01    <DIR>          Mael
29.01.2012  15:24    <DIR>          MAXON
21.11.2010  09:16    <DIR>          Media Center Programs
07.04.2012  13:03    <DIR>          Media Player Classic
12.07.2013  20:46    <DIR>          Minecraft Version Changer
16.12.2015  23:46    <DIR>          Mozilla
12.10.2012  21:37    <DIR>          MW2 FoV Changer
15.04.2012  23:11    <DIR>          MW3 FoV Changer
14.06.2013  14:27    <DIR>          Notepad++
29.01.2012  13:15    <DIR>          NVIDIA
24.12.2011  20:33    <DIR>          OEM
28.04.2013  11:35    <DIR>          OpenOffice.org
24.09.2016  11:05    <DIR>          Origin
23.02.2013  19:43    <DIR>          Play withSIX
07.01.2012  23:09    <DIR>          PowerCinema
29.01.2012  13:15    <DIR>          Publish Providers
04.05.2012  13:42    <DIR>          PunkBuster
05.05.2012  12:25    <DIR>          puush
18.04.2012  16:44    <DIR>          Real
19.02.2016  23:47    <DIR>          Riot Games
10.10.2016  21:40    <DIR>          Skype
18.11.2013  22:07    <DIR>          SoftGrid Client
29.01.2012  13:44    <DIR>          Sony
27.03.2012  16:46    <DIR>          SplitMediaLabs
23.10.2016  12:57    <DIR>          Spotify
03.01.2016  19:44    <DIR>          SprillRichiGerman
22.01.2012  14:20    <DIR>          Stardock
18.04.2012  20:37    <DIR>          SteelSeries
12.07.2016  02:40    <DIR>          TeamViewer
25.03.2012  09:38    <DIR>          TitanicMystery
28.03.2012  12:19    <DIR>          TP
22.10.2016  23:48    <DIR>          TS3Client
01.04.2013  00:42    <DIR>          TuneUp Software
11.11.2012  01:41    <DIR>          wargaming.net
27.12.2011  14:47    <DIR>          WinRAR
28.02.2016  21:45    <DIR>          yWorks
               0 Datei(en),              0 Bytes
              62 Verzeichnis(se),  6.505.848.832 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datentr„ger in Laufwerk C: ist Acer
 Volumeseriennummer: B083-05A7

 Verzeichnis von C:\Users\Alexander\AppData\Local

23.10.2016  22:55    <DIR>          .
23.10.2016  22:55    <DIR>          ..
24.12.2011  20:31    <DIR>          Acer
07.07.2012  08:31    <DIR>          Activision
10.04.2012  22:01    <DIR>          Adobe
29.04.2012  20:46    <DIR>          Apple
09.09.2014  19:14    <DIR>          Apple Computer
08.01.2012  21:13    <DIR>          Apps
27.10.2015  21:02    <DIR>          Arktos
27.10.2015  21:11    <DIR>          Arktos Entertainment
01.04.2015  01:38    <DIR>          Battle.net
26.03.2015  00:45    <DIR>          Blizzard Entertainment
22.07.2015  13:47    <DIR>          CEF
19.12.2015  15:49    <DIR>          Celavimus
24.12.2012  01:39    <DIR>          craften.de
07.06.2013  22:17    <DIR>          Craften_Dev_Team
26.10.2012  21:20    <DIR>          Cyberlink
10.10.2016  19:02    <DIR>          Daybreak Game Company
25.12.2014  01:37    <DIR>          DayZ
10.09.2012  14:37    <DIR>          DayZCommander
22.02.2012  21:10             3.584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
03.10.2013  20:57    <DIR>          Deployment
12.02.2012  15:23    <DIR>          Diagnostics
13.08.2016  12:32    <DIR>          Discord
23.02.2013  19:43    <DIR>          Downloaded Installations
01.03.2014  10:30    <DIR>          Dxtory Software
06.04.2012  18:59    <DIR>          EgisTec
24.12.2011  20:33    <DIR>          EgisTec IPS
12.10.2016  20:04    <DIR>          ElevatedDiagnostics
20.03.2013  16:05    <DIR>          ESN
28.05.2012  10:48    <DIR>          Facebook
09.10.2014  18:31    <DIR>          ftblauncher
20.02.2016  11:57           117.680 GDIPFONTCACHEV1.DAT
16.09.2015  15:03    <DIR>          Google
02.06.2015  13:02    <DIR>          GWX
24.02.2013  16:07    <DIR>          http___mvc.craften.de
23.02.2013  19:43    <DIR>          IsolatedStorage
26.09.2013  15:48    <DIR>          IW4M
06.10.2012  13:48    <DIR>          Logitech
17.10.2013  19:09    <DIR>          LogMeIn
23.10.2016  13:25    <DIR>          LogMeIn Hamachi
11.06.2012  13:42    <DIR>          Macromedia
13.01.2012  22:23    <DIR>          mcpatcher
27.10.2015  16:05    <DIR>          Mega Limited
11.06.2015  13:46    <DIR>          Microsoft
17.02.2012  15:38    <DIR>          Microsoft Games
21.05.2012  20:17    <DIR>          Microsoft Help
17.03.2012  01:05    <DIR>          Mozilla
17.04.2015  21:47    <DIR>          NVIDIA
17.04.2015  21:47    <DIR>          NVIDIA Corporation
22.01.2012  14:20    <DIR>          ODUI
15.09.2016  12:37    <DIR>          Origin
01.02.2013  14:20    <DIR>          Overwolf
01.07.2015  22:03    <DIR>          pip
23.02.2013  19:45    <DIR>          Play withSIX
27.12.2011  14:53    <DIR>          PowerCinema
19.12.2012  14:41    <DIR>          Programs
20.03.2013  16:06    <DIR>          PunkBuster
10.10.2016  19:02    <DIR>          SCE
29.12.2015  14:01    <DIR>          Skype
10.01.2012  20:49    <DIR>          Software
29.01.2012  07:36    <DIR>          Sony
27.03.2012  16:48    <DIR>          SplitMediaLabs
23.10.2016  13:02    <DIR>          Spotify
13.08.2016  12:40    <DIR>          SquirrelTemp
22.01.2012  14:20    <DIR>          Stardock
07.10.2015  23:20    <DIR>          Steam
18.04.2012  20:40    <DIR>          SteelSeriesEngine
16.02.2012  20:24    <DIR>          Symantec
24.07.2016  15:32    <DIR>          TeamSpeak 3 Client
23.10.2016  23:36    <DIR>          Temp
04.05.2012  17:09    <DIR>          Ubisoft Game Launcher
01.01.2012  15:11    <DIR>          VirtualStore
18.12.2015  00:09    <DIR>          Windows Live
               2 Datei(en),        121.264 Bytes
              72 Verzeichnis(se),  6.505.844.736 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 94776014 B
Java, Flash, Steam htmlcache => 292053620 B
Windows/system/drivers => 1648754606 B
Edge => 0 B
Chrome => 534071284 B
Firefox => 931005272 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 42424230 B
systemprofile32 => 385026 B
LocalService => 66228 B
NetworkService => 890098 B
Alexander => 3030980788 B
UpdatusUser => 0 B
UpdatusUser => 0 B
UpdatusUser => 0 B
UpdatusUser => 0 B

RecycleBin => 0 B
EmptyTemp: => 6.1 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 23:38:00 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43271e5ad1ef5342b310b7d6662ee7f6
# end=init
# utc_time=2016-10-23 09:34:57
# local_time=2016-10-23 11:34:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43271e5ad1ef5342b310b7d6662ee7f6
# end=init
# utc_time=2016-10-23 09:41:34
# local_time=2016-10-23 11:41:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 31175
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43271e5ad1ef5342b310b7d6662ee7f6
# end=updated
# utc_time=2016-10-23 09:47:57
# local_time=2016-10-23 11:47:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=43271e5ad1ef5342b310b7d6662ee7f6
# engine=31175
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-10-23 11:30:16
# local_time=2016-10-24 01:30:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 97 30442 69151782 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776638 100 94 6719 228895266 0 0
# scanned=386471
# found=16
# cleaned=0
# scan_time=6139
sh=B7882522F67D52C1BE517BF49B5470CA13BBE4F8 ft=1 fh=5642acb995cad207 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Alexander\Downloads\Mz RAM Booster - CHIP-Installer.exe.xBAD"
sh=0D10DC61AD2A3E82E2902D2DB5FDD79BAF70A8CB ft=1 fh=04ccbecdc9dca663 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\Alexander\Downloads\Revo Uninstaller - CHIP-Installer.exe.xBAD"
sh=473BBDE8323570905E9134A8EE0BEE848D0A96F1 ft=0 fh=0000000000000000 vn="Java/TrojanDownloader.Agent.NDW Trojaner" ac=I fn="C:\Users\Alexander\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\48cd1ce2-1cc8d9b6"
sh=FFB5A4D9640B8EC584F1299B8E8FF65F7A0AECDE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\AppData\Roaming\Mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\utorrentbar_de.jar"
sh=4974808424C550F844383A6677FA1513BF70BBC6 ft=1 fh=19e1361dc1cebc3d vn="Win32/Toolbar.Linkury.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\bcwhgdtfahaumnaaukjuqopkubxpqoxt\1.4_0\GoogleChromeRemotePlugin.dll"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\ldrtbDVD0.dll"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\ldrtbDVDV.dll"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\tbDVD0.dll"
sh=42C28E041EA5F8B06D4857E8E6FCA75ABD4BCF2F ft=1 fh=b55fe72874790c5f vn="Win32/Toolbar.Conduit.Y evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\tbDVD1.dll"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\tbDVDV.dll"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\gvwpqzncmngjxuusslhiftzrsaqfmbnl\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\ncujidjxpgjevaktnsqzpvqubmmrkpbg\Shared\BabMaint.exe"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Alexander\Desktop\AdwCleaner\quarantine\files\uqobaysrtxtwblrrhzstskyumzifvbqr\29FE5BA6144545639D0C52517E5D4BB3\DeltaTB.exe"
sh=FFB5A4D9640B8EC584F1299B8E8FF65F7A0AECDE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit evtl. unerwÃ¼nschte Anwendung" ac=I fn="D:\AlexanderD\Roaming\Mozilla\Firefox\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\chrome\utorrentbar_de.jar"
sh=94ECC36E8E10694FF87C174A16879FC0BEC7881F ft=1 fh=eb11d711e9b315de vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="D:\Arma2 - DayZ\dayz hack\loader.exe"
sh=C65199C7B95DB3973FDF3B83667180DF990989B4 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="D:\Arma2 - DayZ\dayz hack\virtualloader.zip"

Code:

ATTFilter

HitmanPro 3.7.14.280
www.hitmanpro.com

   Computer name . . . . : ALEXANDER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Alexander-PC\Alexander
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-10-24 01:42:18
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 5s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 73

   Objects scanned . . . : 2.333.981
   Files scanned . . . . : 107.303
   Remnants scanned  . . : 721.598 files / 1.505.080 keys

Suspicious files ____________________________________________________________

   C:\Users\Alexander\AppData\Local\PunkBuster\ACB\pb\PnkBstrK.sys
      Size . . . . . . . : 138.536 bytes
      Age  . . . . . . . : 1605.4 days (2012-06-01 17:04:25)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : A9F5C52018A3C28CD9CC2E1A1F8BA252D0DADC2F179F0CC8CB6CDDA8633976E3
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
      Size . . . . . . . : 949.613 bytes
      Age  . . . . . . . : 1313.4 days (2013-03-20 16:14:46)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 1313.4 days (2013-03-20 16:32:57)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 1087.1 days (2013-11-01 22:57:46)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 988.0 days (2014-02-09 02:23:26)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 1313.4 days (2013-03-20 16:06:59)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 140.072 bytes
      Age  . . . . . . . : 1313.4 days (2013-03-20 16:07:24)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\dll\wc002301.dll
      Size . . . . . . . : 967.213 bytes
      Age  . . . . . . . : 1609.5 days (2012-05-28 13:03:36)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4BD30C84D354E3B8B5236F48F62718D6E4F2A6DAA303365B6DFCE45D21DFE853
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\dll\wc002318.dll
      Size . . . . . . . : 967.165 bytes
      Age  . . . . . . . : 1493.2 days (2012-09-21 21:58:32)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B1B32990F47ED2E39EB18AEA0839D9521B87E9ED18C0BCA8E2C6873FBA9D6494
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
      Size . . . . . . . : 967.165 bytes
      Age  . . . . . . . : 1267.5 days (2013-05-05 14:24:44)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B1B32990F47ED2E39EB18AEA0839D9521B87E9ED18C0BCA8E2C6873FBA9D6494
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\pbclold.dll
      Size . . . . . . . : 967.165 bytes
      Age  . . . . . . . : 1635.5 days (2012-05-02 13:54:18)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : B1B32990F47ED2E39EB18AEA0839D9521B87E9ED18C0BCA8E2C6873FBA9D6494
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\pbcls.dll
      Size . . . . . . . : 956.558 bytes
      Age  . . . . . . . : 1635.5 days (2012-05-02 13:54:18)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 567AB086A18F5447AB036192A40837C4FB9679BDB54BE2DCF99F90F4BA83BCC9
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Alexander\AppData\Local\PunkBuster\COD4\pb\PnkBstrK.sys
      Size . . . . . . . : 139.832 bytes
      Age  . . . . . . . : 1635.5 days (2012-05-02 13:55:29)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 3CB5C8CB071375FDE6E9269000B78E65DB29D585B2775E66C8B9F6E47E0012D1
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Alexander\AppData\Local\Temp\3d0a1899-e862-43d1-b9db-9650cceb2a80\CliSecureRT64.dll
      Size . . . . . . . : 89.915 bytes
      Age  . . . . . . . : 0.1 days (2016-10-23 23:39:02)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : CC33B28F106AC23FB073962236B2DAB95AF9434E226D2E05D2A5637229CC07B9
      Product
      LanguageID . . . . : 0
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Program is running but currently exposes no human-computer interface (GUI).
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         The file is in use by one or more active processes.
         Program contains PE structure anomalies. This is not typical for most programs.
      Forensic Cluster
         -10.8s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
         -10.8s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
         -9.7s C:\ProgramData\NVIDIA\Resource.dat
         -9.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
         -9.7s C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
         -8.8s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTkerberos.etl
         -8.7s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl
         -8.6s C:\ProgramData\Avira\Antivirus\EVENTDB\Temp\tmp.edb
         -3.9s C:\Users\Alexander\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.tmp
         -2.9s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\
         -2.9s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Sqm\
         -2.9s C:\Users\Alexander\AppData\Local\Microsoft\Windows\History\History.IE5\container.dat
         -0.6s C:\Users\Alexander\AppData\Local\Temp\AdobeARM.log
         -0.6s C:\Users\Alexander\AppData\Local\Temp\jusched.log
          0.0s C:\Users\Alexander\AppData\Local\Temp\3d0a1899-e862-43d1-b9db-9650cceb2a80\
          0.0s C:\Users\Alexander\AppData\Local\Temp\3d0a1899-e862-43d1-b9db-9650cceb2a80\CliSecureRT64.dll
          2.3s C:\ProgramData\Avira\Antivirus\TEMP\scaninfo(1948).tmp
          3.0s C:\Users\Alexander\AppData\Local\Temp\WPDNSE\
          6.9s C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTSteam Event Tracing.etl
          7.7s C:\ProgramData\Avira\Antivirus\TEMP\AVGUARD_580d2dfe\
         12.9s C:\Users\Alexander\AppData\Local\Temp\FXSAPIDebugLogFile.txt
         12.9s C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\
         13.1s C:\Users\Alexander\AppData\Local\Steam\htmlcache\Visited Links
         13.4s C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\30bcec14a86ee83e.customDestinations-ms
         13.5s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\
         13.5s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\cabarc.exe
         13.5s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\PackageInfo.xml
         13.6s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\DeviceInfo.xml
         13.6s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\computer.ico
         13.6s C:\Users\Alexander\AppData\Local\Temp\clear.fiClient\WindowsInfo.xml
         22.7s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\lockfile
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\History
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\History-journal
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\index
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2
         22.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3
         23.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Visited Links
         23.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\GPUCache\index
         23.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_0
         23.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
         23.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_2
         23.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_3
         23.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal
         23.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
         24.3s C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\15c377b52c570eddd08ff03206c2b680_e8f89e98-64bd-4c82-b19b-ca82b998cbe7
         24.4s C:\Windows\Temp\HamachiSetup.log
         25.3s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Current Session
         27.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cookies
         27.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cookies-journal
         28.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\QuotaManager-journal
         28.4s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Session Storage\032827.ldb
         29.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\2937dead-2699-4e01-a1c8-b09ceb1ba6de\fb2efbeeca60a958_0
         29.9s C:\Users\Alexander\AppData\Local\Steam\htmlcache\Cookies
         29.9s C:\Users\Alexander\AppData\Local\Steam\htmlcache\Cookies-journal
         30.0s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\2937dead-2699-4e01-a1c8-b09ceb1ba6de\e5edb5e0bb3f276c_0
         33.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Shortcuts-journal
         33.1s C:\Users\Alexander\AppData\Local\Temp\etilqs_jBOk1oFDqNvTa2O
         34.0s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000005
         34.6s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006
         36.2s C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc\
         36.4s C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb
         38.0s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Top Sites-journal
         39.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage
         39.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkedcjkdefgpdelpbcmbmeomcjbeemfm_0.localstorage-journal
         39.5s C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\Icon Files\7A-79-19-7E-00-AE.png
         39.5s C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows Media Player NSS\3.0\Icon Files\wbTLmJv1d+4PAPCCYtanWAklydyNyjtxuqp2E+Gua1I.png
         41.5s C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\e78c13680006c28e.customDestinations-ms
         43.3s C:\Users\Alexander\AppData\Local\Steam\htmlcache\ChromeDWriteFontCache
         44.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000007
         44.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000008
         46.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal
         48.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\2937dead-2699-4e01-a1c8-b09ceb1ba6de\fb2efbeeca60a958_1
         48.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\e6622492fa163609ddd4212f54512baa07929ed3\2937dead-2699-4e01-a1c8-b09ceb1ba6de\e5edb5e0bb3f276c_1
         49.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000a
         49.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000c
         50.7s C:\Users\Alexander\AppData\Roaming\Microsoft\Windows\Cookies\container.dat
         51.7s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00000f
         51.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000010
         53.4s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000011
         53.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000012
         53.6s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000013
         53.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000014
         53.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000015
         54.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000016
         54.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000017
         54.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000018
         55.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000019
         55.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001a
         55.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001b
         55.3s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001c
         55.4s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001d
         56.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001e
         56.3s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00001f
         56.4s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000020
         57.1s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000022
         57.6s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000023
         57.8s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000024
         58.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage
         58.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.facebook.com_0.localstorage-journal
         58.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000025
         58.5s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000026
         58.9s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000027
         59.0s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000028
         59.2s C:\Users\Alexander\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal
         61.4s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2E5KNKTS\
         61.4s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1SAD1NI1\
         61.4s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OUL17BJ0\
         61.4s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\05XU3LCX\
         61.4s C:\Users\Alexander\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\container.dat
         62.4s C:\Windows\Prefetch\ADOBEARM.EXE-F9223367.pf
         62.4s C:\Windows\Prefetch\CSC.EXE-F8803EEA.pf

   C:\Users\Alexander\Desktop\FRST64.exe
      Size . . . . . . . : 2.407.424 bytes
      Age  . . . . . . . : 3.4 days (2016-10-20 16:29:31)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D716445A0AECB02C49F5E33D9D8B0BC34AA0F0BAF4DFAFBD51ABFBC7C36A39B7
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}\ (FLV Player)
   HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}\ (FLV Player)
   HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}\ (FLV Player)
   HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}\ (FLV Player)
   HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}\ (FLV Player)
   HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}\ (FLV Player)
   HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}\ (AskBar)
   HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}\ (AskBar)
   HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}\ (AskBar)
   HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}\ (Babylon)
   HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}\ (CouponBar)
   HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}\ (Funmoods)
   HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1\ (CouponBar)
   HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl\ (CouponBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}\ (CouponBar)
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search\Default_Search_URL (Snap.do)
   HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Search\SearchAssistant (Snap.do)
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search\Default_Search_URL (Snap.do)
   HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Search\SearchAssistant (Snap.do)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\IM\ (Sweetpacks)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{AE07101B-46D4-4A98-AF68-0333EA26E113} (FLV Player)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\SnapDo.exe (FLV Player)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find)
   HKU\S-1-5-21-3003065676-2518410820-2162268670-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find)

23.10.2016, 12:25	#10
M-K-D-B /// TB-Ausbilder	Seitenladefehler über bestimmten Zeitraum Gut gemacht. Fehlen nur noch die restlichen Schritte.

Seitenladefehler über bestimmten Zeitraum

Plagegeister aller Art und deren Bekämpfung: Seitenladefehler über bestimmten Zeitraum